www.desidime.com Open in urlscan Pro
104.22.9.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.desidime.com/
Effective URL:
https://www.desidime.com/
Submission: On November 17 via api (November 17th 2023, 12:52:47 am UTC) from US — Scanned from DE

Summary HTTP 337 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 39 domains to perform 337 HTTP transactions. The main IP is 104.22.9.132, located in and belongs to CLOUDFLARENET, US. The main domain is www.desidime.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on December 16th 2022. Valid for: a year.

This is the only time www.desidime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.8.250 172.67.8.250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	104.22.9.132 104.22.9.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1a32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
38	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
9 11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
9	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1 2	52.209.24.113 52.209.24.113	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2600:9000:223... 2600:9000:223f:2a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f13:800... 2600:1f13:800:7782:6a85:112b:3363:fed8	16509 (AMAZON-02) (AMAZON-02)
4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	34.248.171.95 34.248.171.95	16509 (AMAZON-02) (AMAZON-02)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.130.85.236 18.130.85.236	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.124.119.57 3.124.119.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.103.78 13.224.103.78	16509 (AMAZON-02) (AMAZON-02)
1	18.165.183.114 18.165.183.114	16509 (AMAZON-02) (AMAZON-02)
2	18.170.173.249 18.170.173.249	16509 (AMAZON-02) (AMAZON-02)
337	57

1 172.67.8.250 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 104.22.9.132 (None, )

ASN13335 (CLOUDFLARENET, US)

www.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn0.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.desidime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.141 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.24.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-24-113.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7782:6a85:112b:3363:fed8 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.171.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-171-95.eu-west-1.compute.amazonaws.com

samsung-germany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.130.85.236 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-85-236.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com

pfa.levexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-78.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-114.zrh55.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.173.249 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-173-249.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	623 KB
55	desidime.com 1 redirects www.desidime.com cdn3.desidime.com cdn0.desidime.com cdn1.desidime.com cdn2.desidime.com cdn5.desidime.com Failed	672 KB
43	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 325135	393 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	1 MB
24	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
20	google.com accounts.google.com — Cisco Umbrella Rank: 24 www.google.com — Cisco Umbrella Rank: 2 ampcid.google.com — Cisco Umbrella Rank: 2931 region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com — Cisco Umbrella Rank: 105	273 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	102 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900025.redintelligence.net — Cisco Umbrella Rank: 269740	38 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	414 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	332 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30616 api.webgains.io — Cisco Umbrella Rank: 91573	19 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44040 medialead.de — Cisco Umbrella Rank: 43761	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862 ampcid.google.de — Cisco Umbrella Rank: 86280	884 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4223 onesignal.com — Cisco Umbrella Rank: 1433	73 KB
2	demdex.net 1 redirects samsung-germany.demdex.net — Cisco Umbrella Rank: 265218	1 KB
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	227 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	418 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	1 KB
2	t.co t.co — Cisco Umbrella Rank: 607	604 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	843 B
1	levexis.com pfa.levexis.com — Cisco Umbrella Rank: 173136	534 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 217997	923 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	628 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	125 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	1 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 146086	608 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7012	17 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
337	39

	Domain	Requested by
52	pagead2.googlesyndication.com	www.desidime.com securepubads.g.doubleclick.net tpc.googlesyndication.com f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
38	s0.2mdn.net	www.desidime.com s0.2mdn.net f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.desidime.com f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
20	cdn0.desidime.com	www.desidime.com cdn1.desidime.com
18	www.gstatic.com	www.desidime.com www.google.com www.gstatic.com
16	cdn1.desidime.com	www.desidime.com
13	www.google.com	cdn1.desidime.com tpc.googlesyndication.com www.gstatic.com www.google.com
11	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	cdn3.desidime.com	www.desidime.com
9	ad.doubleclick.net	www.desidime.com f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
8	dt.adsafeprotected.com	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
7	www.googletagservices.com	www.desidime.com f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
6	fonts.gstatic.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal900025.redintelligence.net	1 redirects f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com hal900025.redintelligence.net
4	hal9000.redintelligence.net	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com hal900025.redintelligence.net
4	www.googletagmanager.com	www.desidime.com www.googletagmanager.com adv.office-partner.de
4	accounts.google.com	www.desidime.com accounts.google.com
4	cdn2.desidime.com	www.desidime.com
4	www.desidime.com	1 redirects www.desidime.com static.cloudflareinsights.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects www.desidime.com
2	pv.medialead.de	1 redirects f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
2	samsung-germany.demdex.net	1 redirects f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	www.facebook.com
2	www.google.de
2	analytics.twitter.com
2	t.co
2	connect.facebook.net	www.desidime.com connect.facebook.net
2	cdn.onesignal.com	www.desidime.com cdn.onesignal.com
1	cdn.track.production.webgains.team	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	fonts.googleapis.com	hal900025.redintelligence.net
1	pfa.levexis.com
1	www.awin1.com	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	www.desidime.com
1	adv.office-partner.de	hal900025.redintelligence.net
1	pb.media01.eu	hal900025.redintelligence.net
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	m.exactag.com	f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
1	portal.o2online.de
1	ampcid.google.de	www.google-analytics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	onesignal.com	cdn.onesignal.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cdn.mouseflow.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.desidime.com
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
0	cdn5.desidime.com Failed	cdn1.desidime.com
337	64

This site contains links to these domains. Also see Links.

Domain
telegram.me
www.linkedin.com
business.desidime.com
www.cuelinks.com
www.facebook.com
www.twitter.com
www.youtube.com
play.google.com
itunes.apple.com
www.paritycube.com

Subject Issuer	Validity	Valid
*.desidime.com AlphaSSL CA - SHA256 - G4	`2022-12-16` - `2024-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.mouseflow.com Cloudflare Inc ECC CA-3	`2023-10-25` - `2024-10-23`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-26` - `2023-11-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
portal.o2online.de E1	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
pfa.levexis.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.desidime.com/
Frame ID: 1E20CA481788B91C82B97A87F4ADD894
Requests: 104 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73B3399D714F165E837B45486ED50A9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 5C3DC4E4BC8C61BEBE2A8242107622E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BA5E8EF6C62D249D01F0533610E3475
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DD4EE783E9098658C3844C1C3A9041B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=poe76j9j5j0c
Frame ID: 26B516DDF926519B07B8992ECDC0F96C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1rtj54bbsq4p
Frame ID: BD59B6B7FFFBCDBBC8433760D1053044
Requests: 4 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C6C4C09631C302700488BA32BCC253D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivybP8ATAB&v=APEucNV77Q_b0wiYmbWxTfnKB4_ktAeUfGAeHvIFUfp4W8jfEbF2zPAQAcd8sgLES7hJF3l1RfWIQ8BR4-WZE1t4vOaWs_qORCDWGLoyi4EhAqnAGAjVXVdRqrv-wNRA_1DAQxKR2QEA9WTCNvT-s-D3jDWFhNjTIlIqyGa3cWxz1MD8GjCxj6k
Frame ID: F6115F67A0344C104817EBAFDF9AA25E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D07379D1F39AAB2EC69E55880D745BD7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
Frame ID: 76A6B66DF7A5DD4FB8DDE87968AAEF09
Requests: 9 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 61DD33A165F3E424B50167AB1E4A1775
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNUXuC5IooY4CBhc3A_eJzEqAdBqasTHf6CR4YTe7JIMiVZ9lbB1VeZ6gKywooBjecDGQzm6EKAsTEXRSs2uBYlNuJaX5MYqlScqcwCjoRzndoXhrYHWQH9c3RsBsUcV4MTaaUu1tsUrrvtiq-HNH0CUcunXXoJfTVjdlhkrUcIeJji_rOQ
Frame ID: 3732A28ECD68C3B2AE99CC257F40BB34
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
Frame ID: E4393C6448DE36C50F335848605A125E
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
Frame ID: DD172BEC70AE4FF58415C6124D8F2710
Requests: 11 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DD44520F23E5354FB70B39EA98CB8C6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE
Frame ID: B72D0C8C81B411B0CF537A3021046268
Requests: 5 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F9D60B7D3F98884959294F07C7BDB062
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
Frame ID: 89ED8C16AD42DD76BC2BED958B08DEA2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C4D20831ADD63A9657E3F6F87FF8FE18
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPa9aT_mEDWxyPCIMPXQkOwi3f-O7G-nnYE15RGoBP86qXZOGsw_505sIbGkdnTqvWXr8BlpgKiPSFy8ldy8rLl_NE7Cf7lLIFEjSV92LwhJS2MoENExacoeFTF8_WFdpQloO4XwurfizLLwf6UTsuzq9XjE5rWKp8727-mdzHwB0wdKk
Frame ID: 9B6FC96FFD6C13DCF17CDD624A0F9034
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6EA85CE44C685338247C5886420AF342
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 0F9176D028D75C2B2074D599AD209514
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 669EEDFA32D6E1AF4245A9C91B9936CC
Requests: 1 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8790E471BD39270D5D0D0AE75616FFCA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYkfrV_QEwAQ&v=APEucNUO162C_FDYIyMFeatrgeBJy2O-ZG48qNluvPyqPUkyvOAh9rUjXGdv_xpOVvYDTJ5MIYIVGwCkwugE5rXi1vFypdUMqIDyppOuAwfrwttUGaIwmuza8wd19gOmRcZEjDmfLNfJv84b80L25vBbYP3q0CnJcQfIBZMs-PbfD6i5QNdEMTw
Frame ID: 89FB0517CE9071022FBB2DF7E2C1E2BE
Requests: 3 HTTP requests in this frame

Frame: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C512A70D0F017963772F0C3C0D1F5481
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AC744373787CA09B8CAB486027F61B37
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
Frame ID: D2F4E996C40AB80B245896E56F80014A
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 67D7F5795AB4297C016F41F333948494
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGNSInP0BMAE&v=APEucNXO_QBvs5lMV64AV9pqFr4OvDKgjKbuCxFQz6V2naTEdA-c7eBjSzy1J-GEWmmv9MDK_xOXCcZyFsd0_zBD_FoeqbNS__YalbVFYbzqMWZMc8pFDV-8xqabfCTgD2V12GDVkGqJKpvbM34ViOs6HTJ8s9iUD3xGoc0mbFTetbeRDF8sqoI
Frame ID: 942316BBF090633F0D07CE98187EF768
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: CB9345D7DE2D5288A9E1B91503F9D1B6
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27893600004452004444550012511025&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: CC86612E359D0B11EBA71E304AC752E5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B802782BBEE9A17770778A723338C5AA
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436
Frame ID: 073A844E738937E78EA50FA53B5B2F07
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Frame ID: 42659A36A5EF9F361DF136EA2458560E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 38DC2E68BD94396ECB2674F0404D15C2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 0BCFB0044A8FCC490CE477C7C3A07379
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Shopping India | Best Deals | Top Deals Online - Desidime

Page URL History Show full URLs

http://www.desidime.com/ HTTP 301
https://www.desidime.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

337
Requests

95 %
HTTPS

48 %
IPv6

39
Domains

64
Subdomains

57
IPs

8
Countries

5700 kB
Transfer

13664 kB
Size

38
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.me/desidimeHot
Title: Handpicked Deals on Telegram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/jobs/parity-cube-pvt-ltd-jobs/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://business.desidime.com/
Title: Merchant Hub

Search URL Search Domain Scan URL

URL: https://www.cuelinks.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/desidime

Search URL Search Domain Scan URL

URL: https://www.twitter.com/desi_dime

Search URL Search Domain Scan URL

URL: https://telegram.me/DesidimeHot

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/DesidimeTV/videos

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=app.desidime&hl=en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/mz/app/desidime-shopping-community/id1319895803?mt=8

Search URL Search Domain Scan URL

URL: https://www.paritycube.com/
Title: Parity Cube Pvt Ltd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.desidime.com/ HTTP 301
https://www.desidime.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVa5V.LRRh0FnLbi3LvvLwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVa5V.LRRh0FnLbi3LvvLwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrNbS9oUBVpzOvhw-8pyYw&google_cver=1

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ7qrKdBxHh9KdxDpMNebVY&google_cver=1

Request Chain 205

https://fw.adsafeprotected.com/rfw/st/1835641/76534654/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6055132318164052&ias_chanId=1&ias_placementId=20785739509&bidurl=https://www.desidime.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0is13uphe-1FVROVJYmwdy-&adContainerId=gcc_WLlWZeKSC8-QjuwPkqaYqA4&cbFunctionName=goog_wrapCb_WLlWZeKSC8-QjuwPkqaYqA4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.desidime.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.desidime.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1cc569ee-9672-e3cc-f363-c348048b055a,c:ubyyyc,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-bfr2g,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:34,oid:9bfb62f2-84e3-11ee-95fd-0aa3c8600ff1,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_WLlWZeKSC8-QjuwPkqaYqA4&cbFunctionName=goog_wrapCb_WLlWZeKSC8-QjuwPkqaYqA4&true_pb=

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPrRk0mpP6pAP2pqHAIwJDk&google_cver=1

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOzcseZH37sunZhR9QBbVJk&google_cver=1

Request Chain 259

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699 HTTP 302
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699

Request Chain 260

https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 287

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27893600004452004444550012511025&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 290

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436

Request Chain 292

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=

337 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.desidime.com/
Redirect Chain

http://www.desidime.com/
https://www.desidime.com/

200 KB
36 KB

1048ms
1025ms

Document
text/html

104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59bcc344c3607056fb97c1c93e5e77c2e6564240bf94b4bc54e4e6fb5927eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate,private
cf-cache-status: DYNAMIC
cf-ray: 8273fdf53e981e50-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 00:52:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000 max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 49444a42-97e7-4cf3-91ae-230e485dd455
x-runtime: 0.169278
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8273fdf4de5f9c0c-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 17 Nov 2023 00:52:37 GMT
Expires: Fri, 17 Nov 2023 01:52:37 GMT
Location: https://www.desidime.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 blackfriday-icon.png
cdn3.desidime.com/merchants/369/original/ 474 B
774 B 53ms
21ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/merchants/369/original/blackfriday-icon.png?1574877908
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc1857923a0e82a804397d5f38a2286149aa94ea019f142e6a36fe59026c60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 489783
cf-polished: origFmt=png, origSize=714
x-cache: Hit from cloudfront
content-disposition: inline; filename="blackfriday-icon.webp"
content-length: 474
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Nov 2019 18:05:10 GMT
server: cloudflare
etag: "852ce8231450a93c3dc1ed11eac58881"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfc1a0b1e50-FRA
x-amz-cf-id: RLM96gBtuWKaLGmAGFjLF6SXSb59tILn6ds3WPoSW4cZ2sEtB7goBQ==
expires: Fri, 23 Nov 2029 10:02:40 GMT

GET
H2 200 golddime-notify-icon.png
cdn0.desidime.com/giveaways/dsk/ 776 B
1 KB 189ms
24ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/giveaways/dsk/golddime-notify-icon.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc46de5e90fa13ea39f79f4a286dbfa0d6cb2dbca160ef97ecb2dac3445a83c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=975
x-cache: Hit from cloudfront
content-disposition: inline; filename="golddime-notify-icon.webp"
content-length: 776
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Jun 2017 09:03:00 GMT
server: cloudflare
etag: "1aabb420644ffd0fbaf2accdf75724d1"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea851e50-FRA
x-amz-cf-id: Qam2h0JsQpB6L7_aXy7MuEIyUhjNMtJF6CzLP2py3F2xeQfPhksoiA==

GET
H2 200 login_signup_logo-1fd979ef774ca4d8a659efa56dad434d.png
cdn0.desidime.com/assets/ 6 KB
6 KB 185ms
20ms Image
image/png 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/assets/login_signup_logo-1fd979ef774ca4d8a659efa56dad434d.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90328f655c6f9992400de8c0a659ccc9cf873167e8270281dcfc96e2bacd9f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-version-id: jvjx6gHstYxnrG8BcNmSV4vpTOhyBc0X
last-modified: Mon, 07 Jun 2021 09:22:01 GMT
server: cloudflare
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 327115
etag: W/"f51a6761f3b2471d4561245981b82e50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8273fdfcea8b1e50-FRA
x-amz-cf-id: I6RSdX4hg-iAwzdZvpjuWRwZrUqTy3lSCikmsigKPfcELn5I2TVoqg==

GET
H2 200 facebook-icon-21.png
cdn0.desidime.com/ddb/ 174 B
546 B 195ms
30ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/ddb/facebook-icon-21.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c560304e2262a88e2ad9a67b526271c2cdf6fceae5b647fb6d72739de7148e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 22e421a47e59010b5e8eb6ae4d4bd7e4.cloudfront.net (CloudFront)
x-amz-version-id: Jr9Z397ujN3_eEfJeU.wzu4mdQqu5AoB
cf-cache-status: HIT
x-amz-cf-pop: LHR61-P2
cf-polished: origFmt=png, origSize=448
x-cache: Hit from cloudfront
content-disposition: inline; filename="facebook-icon-21.webp"
content-length: 174
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Feb 2021 08:38:43 GMT
server: cloudflare
etag: "4d35213bd43ad402df2a78ac49e05969"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea891e50-FRA
x-amz-cf-id: Dt6PKmR6dDR25i_YT24qmu2PMIBIOF6Oq5sUwd9e8xmFkrqA3NDVzQ==

GET
H2 200 google-icon-21.png
cdn1.desidime.com/ddb/ 520 B
895 B 193ms
36ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/ddb/google-icon-21.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c9d96b3aac2c66871912b318c62fdee48f1acd88399208b3d18d61d70dbeea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-version-id: aFQ_CT6GkN6nVS1JSuTgcdNHW.jf6zNv
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=991
x-cache: Hit from cloudfront
content-disposition: inline; filename="google-icon-21.webp"
content-length: 520
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Feb 2021 08:38:44 GMT
server: cloudflare
etag: "e98866726340e9a32992d8a751d39c6c"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: https://www.desidime.com
vary: Accept
access-control-allow-credentials: true
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea7c1e50-FRA
x-amz-cf-id: SjpIV1nJxtCc9EWF8oYHj4-LD-q6Xx3WS66doYfpQjJkty9ZZg143w==

GET
H2 200 forgot_password-143f25c1c90ed90b4bb813dbc5cbca71.png
cdn1.desidime.com/assets/ 19 KB
20 KB 179ms
22ms Image
image/png 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/assets/forgot_password-143f25c1c90ed90b4bb813dbc5cbca71.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06f62f8bc116cc95e614a6385bad91054f7bc48df9e28786c9570856ade7be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-version-id: .EH0AwMx8zNyB5qc08VkbGSoXSIhrlWM
last-modified: Mon, 07 Jun 2021 09:32:33 GMT
server: cloudflare
cf-cache-status: HIT
x-amz-cf-pop: DUS51-P2
age: 673633
etag: W/"67d4b5b206db374b70b8a9919737010e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8273fdfcea7d1e50-FRA
x-amz-cf-id: KOz_5Q8CqRjY3H5UHZC30rLLavvkFkBtGJkb8-bh4MiFeCAQuQoVmA==

GET
H2 200 Be-Part-of-Community.png
cdn1.desidime.com/ddb/ 5 KB
5 KB 222ms
65ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/ddb/Be-Part-of-Community.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbbbbddff674efe2df47d4b4ac65614bfad6605a248a9e09f5607841914c933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-version-id: cMc_mk_xecRmlZf2MlKM8jSBKLGzKRSf
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=5061
x-cache: Hit from cloudfront
content-disposition: inline; filename="Be-Part-of-Community.webp"
content-length: 4626
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Mar 2021 13:16:54 GMT
server: cloudflare
etag: "024005aa3143ef3de24a247cb953e8be"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea7f1e50-FRA
x-amz-cf-id: q6zr9yTYlQENTXZVH8tZVutmm9ELaYpqtTIKywDM1uO4Q8xLlIVrmg==

GET
H2 200 Save-Money.png
cdn0.desidime.com/ddb/ 6 KB
6 KB 193ms
29ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/ddb/Save-Money.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cea81714378531a09b7f186300e58c53b0129dd3ca81af9514f1b7c3722ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-amz-version-id: A2nfVEDSCzxL0FZJrH.dGWrilx_N6Xvy
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=6280
x-cache: Hit from cloudfront
content-disposition: inline; filename="Save-Money.webp"
content-length: 5856
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Mar 2021 13:16:57 GMT
server: cloudflare
etag: "fc64e41d6f195ff6b7af2b9836c7d993"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: https://www.desidime.com
vary: Accept
access-control-allow-credentials: true
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea8a1e50-FRA
x-amz-cf-id: mJEiRTOYu0DpZDJZupQevwsZtaoZC7egPsV7fOblqpkoxV7ddHsXxQ==

GET
H2 200 Never-miss-an-Offer.png
cdn2.desidime.com/ddb/ 4 KB
5 KB 43ms
31ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.desidime.com/ddb/Never-miss-an-Offer.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ad06533594760646e42b3c1946b49dc45615fb56b509763ea10528de1ea872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-version-id: .tkEJDAPBqDGPOjAZuhg_JJDOhuzlmSx
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=5276
x-cache: Hit from cloudfront
content-disposition: inline; filename="Never-miss-an-Offer.webp"
content-length: 4490
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Mar 2021 13:16:55 GMT
server: cloudflare
etag: "6e02f74a5377d2ce877e14eac8941845"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfbf9f71e50-FRA
x-amz-cf-id: amhCXmr5tCk148pB4eBiBzDFSxs6GQBK0VQSOYdgety-KHx53yLEgA==

GET
H2 200 Desidime-Desktop-logo.png
cdn1.desidime.com/cdn-cgi/image/fit=contain,f=auto,,w=250,h=65,q=90/ddb/festival-logo/ 8 KB
8 KB 205ms
50ms Image
image/avif 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.desidime.com/cdn-cgi/image/fit=contain,f=auto,,w=250,h=65,q=90/ddb/festival-logo/Desidime-Desktop-logo.png

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aff22408cc764f30bb9dfa1b72fc4c5582a2b215566d4f4de8d6d71ce1a299e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 7742
cf-resized: internal=ok/h q=0 n=11+0 c=0+41 v=2023.9.8 l=7742
last-modified: Thu, 16 Nov 2023 10:08:06 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfBwYjZ9vnANi531jwshz3CJ6pY_PAYnwWh471tsUKDQ:839442f0e6a7a3042423701ea56010db"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea781e50-FRA

GET
H2 200 sizzling_200x200.png
cdn0.desidime.com/groups/photos/614/medium/ 32 KB
33 KB 162ms
21ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/groups/photos/614/medium/sizzling_200x200.png?1580465307
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5544b13271c71ed2fe0216627c1082366d80d3b131264c846d68bfddd47127ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 489894
cf-polished: origFmt=png, origSize=46251
x-cache: Hit from cloudfront
content-disposition: inline; filename="sizzling_200x200.webp"
content-length: 33252
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Nov 2019 16:52:47 GMT
server: cloudflare
etag: "c71d2a7a45b7a26cb4acb56654aaa694"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfcea881e50-FRA
x-amz-cf-id: bfTUE5elQUovoHlQDjLq9t1vpZ3XFe5GvNp-QDZHbwnZJAHg0G04sw==
expires: Tue, 13 Nov 2029 16:30:04 GMT

GET
H2 200 cropped7689342729577387743.jpg
cdn0.desidime.com/groups/photos/703/medium/ 4 KB
4 KB 167ms
27ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/groups/photos/703/medium/cropped7689342729577387743.jpg?1693127334
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65df48504f4be49375488aaaad2d7ef37e921d15dd4a49d60354746de8a730df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-version-id: AkTMIu6WL1wDiBWOEh0FJidiHCcy8E_9
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 255381
cf-polished: qual=85, origFmt=jpeg, origSize=6295
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="cropped7689342729577387743.webp"
content-length: 3824
cf-bgj: imgq:85,h2pri
last-modified: Sun, 27 Aug 2023 09:08:58 GMT
server: cloudflare
etag: "d26239bc07c475634c3f239179fe2b76"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfcea871e50-FRA
x-amz-cf-id: EuEONDmMslkLWtWlsN-DQhKdNtfHIewVjTU4WgVCNmyxALGOjJ7dWQ==
expires: Wed, 24 Aug 2033 14:29:41 GMT

GET
H2 200 Reliance-jio-true-5g-DD-article-image-1200x-1200.jpg
cdn1.desidime.com/topics/photos/1498776/medium/ 7 KB
8 KB 155ms
22ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/topics/photos/1498776/medium/Reliance-jio-true-5g-DD-article-image-1200x-1200.jpg?1666787575
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceeb6cf1573d2c74f301aa48a1f4de4f9b8498c6d805d198d09eed932d760111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-version-id: I3AzuSAjooi8c.3nu8VMojkT5SLTL4Ma
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 561412
cf-polished: qual=85, origFmt=jpeg, origSize=19978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="Reliance-jio-true-5g-DD-article-image-1200x-1200.webp"
content-length: 7494
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Oct 2022 12:33:00 GMT
server: cloudflare
etag: "9882e5d3cc03f992418b958f18d4d0eb"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfcea7a1e50-FRA
x-amz-cf-id: 1LwspgyF9gJ5-9-dD8uUlvjB5xbLynS-3E6KEXrHd_cEu-SYYjNGMA==
expires: Tue, 26 Oct 2032 12:30:10 GMT

GET
H2 200 JioremovesDisneyHotstarfreesubscriptionfromall13MobilePlans.png
cdn2.desidime.com/topics/photos/1495074/medium/ 13 KB
13 KB 21ms
21ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.desidime.com/topics/photos/1495074/medium/JioremovesDisneyHotstarfreesubscriptionfromall13MobilePlans.png?1665750512
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b393e1b1617b67ab1a2c8f86108066299e7786c59f7863da7c0b6fb22400bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-version-id: ERIJg84c2r_.baHvFO8PDoTJ0ijkrhr9
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 125838
cf-polished: origFmt=png, origSize=25229
x-cache: Hit from cloudfront
content-disposition: inline; filename="JioremovesDisneyHotstarfreesubscriptionfromall13MobilePlans.webp"
content-length: 13100
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 12:28:36 GMT
server: cloudflare
etag: "3702f1a8f0d1b707d9e1abc20ea98acc"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfc0a031e50-FRA
x-amz-cf-id: BhZx8uamrZGIXq-ILOxaaYDXlPNwd53UHoRoNGliQ0mJa09Yr9FpdQ==
expires: Thu, 14 Oct 2032 12:03:06 GMT

GET
H2 200 grey.gif
cdn1.desidime.com/assets/ 35 B
350 B 157ms
23ms Image
image/gif 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/assets/grey.gif
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67188c4928aec07e09fad682e5e3ee71bad29342e5559ad8e952b9048d53fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 330759
cf-polished: origSize=43, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 35
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Nov 2016 19:13:37 GMT
server: cloudflare
etag: "22c114f768798a2c77899a1485cc69d5"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8273fdfcea7b1e50-FRA
x-amz-cf-id: FT2Ym9aY3eKctEF1A-qn3H3xHmZccqc2a-UE6k8GbyQKaZILI0eFmA==
expires: Sun, 01 Dec 2024 16:00:00 GMT

GET
H2 200 hotness.png
cdn1.desidime.com/ddb/ 848 B
1 KB 160ms
26ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/ddb/hotness.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca0369c02ea8a5993fd01fdc2c747fab4bd20b4f493fbc7c0d359bdafd3ea46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=1072
x-cache: Hit from cloudfront
content-disposition: inline; filename="hotness.webp"
content-length: 848
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Oct 2018 09:05:27 GMT
server: cloudflare
etag: "fd28ef96f003cb2a12ab2ca9a2fdb8cf"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: https://www.desidime.com
vary: Accept
access-control-allow-credentials: true
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfcea791e50-FRA
x-amz-cf-id: M48xbxLMf1HMdDfb8panTdkj6ZgIQSedzrnLIYeLBY817n4hPxyjsw==

GET
H2 200 1400-BY-160-DESKTOP-BANNER.png
cdn3.desidime.com/cdn-cgi/image/fit=contain,f=auto,onerror=redirect,q=10/merchants/1662/original/ 5 KB
6 KB 40ms
35ms Image
image/avif 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.desidime.com/cdn-cgi/image/fit=contain,f=auto,onerror=redirect,q=10/merchants/1662/original/1400-BY-160-DESKTOP-BANNER.png?1700049583

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1214bebfe8e7a88c8fcaa15e5e4e1901b3f0cf02cbcea201cca084ef407ca15e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 5310
cf-resized: internal=ok/h q=0 n=22+816 c=0+0 v=2023.9.8 l=5310
last-modified: Wed, 15 Nov 2023 11:59:45 GMT
cf-bgj: imgq:10,h2pri
server: cloudflare
etag: "cfvY1aDVpfsxgDMaddLPAOJBetllgwXxDk1tQMcZ4iDQ:8340e0eb950ba88a4ecdcf6a450ea2f4"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfc1a0e1e50-FRA

GET
H2 200 DesiDime-WhatsApp-Channel-1400-x-160.jpg
cdn3.desidime.com/cdn-cgi/image/fit=contain,f=auto,onerror=redirect,q=10/merchants/1609/original/ 5 KB
5 KB 46ms
42ms Image
image/avif 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.desidime.com/cdn-cgi/image/fit=contain,f=auto,onerror=redirect,q=10/merchants/1609/original/DesiDime-WhatsApp-Channel-1400-x-160.jpg?1695364889

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71780b4999860da61ba24f4ba4a3b4e9693ad476bdd0245923856678246a4ff2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 4783
cf-resized: internal=ok/h q=0 n=27+128 c=0+0 v=2023.9.8 l=4783
last-modified: Fri, 22 Sep 2023 06:41:31 GMT
cf-bgj: imgq:10,h2pri
server: cloudflare
etag: "cfzaTRFhW12r1LX32rCIMJR3dXllgwXxDk1tQMcZ4iDQ:bbc88bf8b9391bcc6ba1fbd9be3a6a4c"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdfc1a0c1e50-FRA

GET
H2 200 missing.png
cdn1.desidime.com/avatars/default/medium/ 6 KB
6 KB 28ms
27ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/avatars/default/medium/missing.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb56e286805b45e6aef11a726fb248c5f1a2c0b64ba84d96411edc1596a10570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=12521
x-cache: Hit from cloudfront
content-disposition: inline; filename="missing.webp"
content-length: 5940
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Sep 2015 11:25:38 GMT
server: cloudflare
etag: "016af6aee329f250a214af230dfb2260"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfd0a9a1e50-FRA
x-amz-cf-id: vNhSI8dzYJ_UxCfbeTv4Gcw6O-aI_Qeo4WezDu79i6ROqIwZDfWM9A==

GET
H2 200 refresh-new.png
cdn1.desidime.com/ 304 B
594 B 42ms
42ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/refresh-new.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d2fd0848dcad0a53cd8d2d3f176033339b95c1176867ec80924ae5ade7cf17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-version-id: iUdAPKxfxykE1E6ME7xq4BrvR.UMiVCR
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=1359
x-cache: Hit from cloudfront
content-disposition: inline; filename="refresh-new.webp"
content-length: 304
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Jun 2021 06:45:53 GMT
server: cloudflare
etag: "42e7ea477063eda5a7b0e51346b9b703"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdfd1aa31e50-FRA
x-amz-cf-id: nuJ3JQ4vxUwCtrleeGv8X4d313PEV3dqb0qifmvbe2MG_5S4E0ixuw==

GET
H2 200 whatsapp_subscribe-02bbff9fd50540e5c200bb905ab98144.png
cdn2.desidime.com/assets/ 2 KB
2 KB 19ms
19ms Image
image/png 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.desidime.com/assets/whatsapp_subscribe-02bbff9fd50540e5c200bb905ab98144.png
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823ddbc122029000373fb3421d593afed85912ef625063845ec81dc4becfdb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-version-id: hI.pMc_y4.mkyv4ic4aqSIXNlNAE5E3Z
last-modified: Mon, 07 Jun 2021 09:39:20 GMT
server: cloudflare
cf-cache-status: HIT
x-amz-cf-pop: DUS51-P2
age: 318666
etag: W/"c04e9f8c55d2ab86de3eb4d2a4bcd716"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8273fdfcaa5d1e50-FRA
x-amz-cf-id: 5oYjIgtg2c-YlWI2kEzZ8WcyN1_D73y4bHPa1AqUOXzsQeZ_Rym5Hg==

GET
H2 200 rocket-loader.min.js Show response
www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 8ms
8ms Script
application/javascript 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
server: cloudflare
etag: W/"65568fe4-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8273fdfcca701e50-FRA
expires: Sun, 19 Nov 2023 00:52:38 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 63ms
40ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.desidime.com/
Origin: https://www.desidime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8273fdfd1b3c2c1a-FRA

GET
H2 200 onesignal-f6ec53278a8ab1ebb65023ece2318ea0.js Show response
cdn0.desidime.com/assets/js_manifest/ 926 B
764 B 20ms
15ms Script
application/javascript 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.desidime.com/assets/js_manifest/onesignal-f6ec53278a8ab1ebb65023ece2318ea0.js
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad70cb392f2d2da53d461b0e286430839561e79312b1b3f8e31359954578b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: dktL7bacR0K2bvbV4m7.KXQ3NmQ9pktR
cf-cache-status: HIT
x-amz-cf-pop: FRA50-C1
age: 1358397
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Mon, 07 Jun 2021 09:18:24 GMT
server: cloudflare
etag: W/"5fb4bc17ecb0ed4e771bcc584e57fcd3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8273fdfd0a971e50-FRA
x-amz-cf-id: DMRil2trXOvaIJ5_PmRrNjLJTTWWidZWQmOkf03wixrzqSvK9HGvYA==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 44ms
17ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2614
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8273fdfd2b476957-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 00:52:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 100ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd0ae3a7539986b2ee579954d1a6a2594d1da7e4444f0222c80781e03c23586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52727
x-xss-protection: 0
server: cafe
etag: 1528649763874009253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 recaptcha-51e379348f52a06e59ec4a60fb3b914f.js Show response
cdn1.desidime.com/assets/ 4 KB
1 KB 23ms
19ms Script
application/javascript 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.desidime.com/assets/recaptcha-51e379348f52a06e59ec4a60fb3b914f.js
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2001b38a2e30ae1890e7a861ae27f53691ff6629c23e7f58af78d58886a6c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: GVByAL6NUKLUa3LX.cWhQGwgYHbn3P_x
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 581087
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Thu, 22 Sep 2022 10:07:36 GMT
server: cloudflare
etag: W/"2d3d7ef7618f187d0ee31df88384e282"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8273fdfd0a981e50-FRA
x-amz-cf-id: Dd_tXgBIbmAxjp0C3IE0NPgtREg-4xrwEMlb95DG3Ukj6vxuGTTWIw==

GET
H2 200 firebase-database.js Show response
www.gstatic.com/firebasejs/8.6.2/ 183 KB
51 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.2/firebase-database.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afac2763540bda716fa9ce365c1786692f62b0ad0e8f212c72691792de10e9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52292
x-xss-protection: 0
last-modified: Thu, 20 May 2021 20:27:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:31:37 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.6.2/ 21 KB
7 KB 87ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.2/firebase-app.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1f024aea71a13c24008447791866ec4f4bf16fd7dd9b359c91ba7559b5e0248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 06:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6919
x-xss-protection: 0
last-modified: Thu, 20 May 2021 20:26:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 06:03:18 GMT

GET
H2 200 home-2cbbf0185b75d3063dd5ecd1d6e5dd24.js Show response
cdn1.desidime.com/assets/js_manifest/ 687 KB
194 KB 33ms
32ms Script
application/javascript 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.desidime.com/assets/js_manifest/home-2cbbf0185b75d3063dd5ecd1d6e5dd24.js
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9863d076cd8cd43ff307a7260e1a5bd5e9bd2a375ef03fdd284f624c4578d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: O8_tDmhjYLNelnGjpgjUSBdQBU_a9gM4
cf-cache-status: HIT
x-amz-cf-pop: MUC50-P1
age: 1274651
cf-polished: origSize=705185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 19:14:23 GMT
server: cloudflare
etag: W/"b6bbd5f07b4756a238d0de9f1efb0166"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8273fdfd0a991e50-FRA
x-amz-cf-id: gY747cSJ3AT-fo7oTfUopofwzzzt21sFOyA0UeU4X10b0BAFCjbOYw==

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 101ms
52ms Script
application/javascript 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tVZgW8SMrcFoey4baHq-Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tVZgW8SMrcFoey4baHq-Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
30 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6909ce80dc8ae239cb392f85b7e99f3efb81c85060b396b2d45029a9ddbff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30344
x-xss-protection: 0
server: cafe
etag: 243 / 19678 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 410 KB
88 KB 120ms
63ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MPZ2RT

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e775f060fd0cc0ebd3685f71c0f6a5ab9c90760a2872cfba7f5dd9c42a5a539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89667
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20556
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 19:10:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 909ms
908ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_TOP_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&didk=3614186384&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358820&lmt=1700182358&adxs=727&adys=40&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=728x90&msz=728x90&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=4036799899&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0484e55dd56acdbcfbe08673ff2f10adfd9779a870d15d422c78ca0bfa97c0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10125
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
39 KB 2226ms
2225ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_HP_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&didk=2282252027&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358827&lmt=1700182358&adxs=140&adys=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=980x90&msz=980x-1&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=926184696&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa73adf7bdf81de1d5ea4fe541f1edb22b0f2b3933e435a57afaceaefbbf2e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39731
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
45 KB 540ms
539ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_HP_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&didk=2282252016&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358830&lmt=1700182358&adxs=140&adys=2699&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=980x90&msz=980x-1&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=4285566827&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78f5727816ce8d5f78fb1b17840749e92b3ad37851976810e832047b22688bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45837
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1495ms
1495ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_HP_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=1795595786&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358832&lmt=1700182358&adxs=140&adys=3874&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=980x90&msz=980x-1&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=3625539265&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f4a29ef4b8846abfcc50cbd52d656b03372863814ddf052dddee0ba79d8a113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11186
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
45 KB 1160ms
1159ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_HP_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&didk=1795595791&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358833&lmt=1700182358&adxs=140&adys=5049&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=980x90&msz=980x-1&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=3000999637&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddebd3a7704ae84613f79a37c67261a5b25aaa0a9774263baa3b1320a92af0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46023
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 123 KB
46 KB 1881ms
1880ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2965325553841341&correlator=2288082251591175&eid=31079672%2C31079658%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=12800975%2CDD_Desktop_HP_RightMID_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&didk=2282252026&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700182358835&lmt=1700182358&adxs=1140&adys=1022&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.desidime.com%2F&vis=1&psz=320x250&msz=320x-1&fws=4&ohw=1600&ga_vid=832860752.1700182359&ga_sid=1700182359&ga_hid=1021196645&ga_fc=false&dlt=1700182358345&idt=440&adks=4215283492&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aef236df72707aaf315929934f96ed3a673341d9f8b94a9f8df5dd332d83790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46969
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73B3 6 KB
3 KB 118ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 5C3D 9 KB
4 KB 62ms
25ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:16:38 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 17:16:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 60ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C31079629%2C44795921%2C44809003%2C31078297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 22ms
22ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2614
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8273fdff4bfb6957-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 00:52:38 GMT

GET
H2 200 home-9406e190c44ec9a9ff84470351f2f948.css
cdn1.desidime.com/assets/css_manifest/ 134 KB
29 KB 23ms
22ms Stylesheet
text/css 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.desidime.com/assets/css_manifest/home-9406e190c44ec9a9ff84470351f2f948.css
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b67352845c1c11bd4ae5577507951ce19f5100dadd1df06ecb795fa3e5e8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: gGcvV.8jjXlpyFajE_Xdg7pbnMgJ.PGl
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 557254
cf-polished: origSize=137937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Wed, 18 Oct 2023 03:10:06 GMT
server: cloudflare
etag: W/"780978f863f4c4f868bc885ece3e98f8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8273fdff5bba1e50-FRA
x-amz-cf-id: y-9Ys48no_J2hLDF7KxxYV-9AupaXubY18L7CuplgMEsvzic95dpLg==

GET
H2 200 token-input-facebook-c81cf6069ca122709efcb90de91b7621.css
cdn3.desidime.com/assets/ 2 KB
923 B 20ms
20ms Stylesheet
text/css 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.desidime.com/assets/token-input-facebook-c81cf6069ca122709efcb90de91b7621.css
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f04461f04df05180cd8855bc4224485d90fa002e0da6303d237e2f4eb793a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: QeSbxq.XrNvnFaSoV2PEuU97FTaFbsoj
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 670341
cf-polished: origSize=2076
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Mon, 07 Jun 2021 09:27:42 GMT
server: cloudflare
etag: W/"70cd577cd1b7a303bb8cf0d0256f10ac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8273fdff5bbb1e50-FRA
x-amz-cf-id: wlUU-yO0OonQ9CVES8rZ919MrEitnXryeDXVRkS_H4jxxagW1U7nTw==

GET
H2 200 Desidime-Desktop-logo.png
cdn1.desidime.com/ddb/festival-logo/ 7 KB
8 KB 31ms
29ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/ddb/festival-logo/Desidime-Desktop-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3dd3a49b2693a35918b39fd2910af5d34fa954d22f256a624210896a2363e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-version-id: WULKiPywbHWGT01N7GnvPiYCggLawxoX
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=8704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="Desidime-Desktop-logo.webp"
content-length: 7612
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 10:08:06 GMT
server: cloudflare
etag: "839442f0e6a7a3042423701ea56010db"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdff6bc81e50-FRA
x-amz-cf-id: l3irhcllQrPSYZgWYlsMhbBGCgW1w-i33BXYXC_Wi1DhoNm6Zi7yTw==

GET
H2 200 1400-BY-160-DESKTOP-BANNER.png
cdn3.desidime.com/merchants/1662/original/ 97 KB
97 KB 25ms
23ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/merchants/1662/original/1400-BY-160-DESKTOP-BANNER.png?1700049583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c2579c1d9bb249b77e4ac802500f37e4834e328c0ebc59f0dd125b5743555e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-version-id: XcenKkwjgv22P1oBolwAFH7HKPxd_s43
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 63468
cf-polished: origFmt=png, origSize=146063
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="1400-BY-160-DESKTOP-BANNER.webp"
content-length: 98824
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Nov 2023 11:59:45 GMT
server: cloudflare
etag: "8340e0eb950ba88a4ecdcf6a450ea2f4"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bca1e50-FRA
x-amz-cf-id: w5kZZYKkLctC1euXyEQ7xEcRHdJsAY5OoOL_v39_I_Ds8oebcfr9wg==
expires: Sun, 06 Nov 2033 08:22:09 GMT

GET
H2 200 61zkYc2CoeL._SL1500_.jpg
cdn0.desidime.com/topics/photos/1694469/medium/ 3 KB
3 KB 26ms
24ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1694469/medium/61zkYc2CoeL._SL1500_.jpg?1700139561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae507d06f2f0653e02a7ad15bdf40e2f3a024421c93c04abf3cbc0ee7e8fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-version-id: DxD9RU9va9puYibLajLrqSUkfNX0PG5u
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 39358
cf-polished: qual=85, origFmt=jpeg, origSize=3452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="61zkYc2CoeL.webp"
content-length: 2634
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 12:59:25 GMT
server: cloudflare
etag: "45fdb0f49795bb394a4ebe8f93a43726"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bce1e50-FRA
x-amz-cf-id: TlHSFo6njNomFeXzWC2wPYTgQlerAJ1zkcs09VLDO0FoV-53CJLaGg==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 387870148_2332358486957728_5941674527254832618_n.png
cdn0.desidime.com/avatars/1119062/thumb/ 2 KB
2 KB 35ms
33ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/avatars/1119062/thumb/387870148_2332358486957728_5941674527254832618_n.png?1697290736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b91b10b2cfa813b7e4fa606b97f3f5dc9001f60a13f1fe37e80e0a0f36c1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-version-id: arVGH7FATV9cCTOjBnf1HiaFAUSJs8FZ
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=2659
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-disposition: inline; filename="387870148_2332358486957728_5941674527254832618_n.webp"
content-length: 1906
cf-bgj: imgq:85,h2pri
last-modified: Sat, 14 Oct 2023 13:39:00 GMT
server: cloudflare
etag: "e7eab7ce5ffab846960848fb33c7b4f6"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdff6bcf1e50-FRA
x-amz-cf-id: _PW2ksO6KgJ6zJ4FaJ22-XkJ78VSL9ddDB4TfaG1VGHzxQszWbNGbg==

GET
H2 200 51ljtUbqDaL._SL1080_.jpg
cdn0.desidime.com/topics/photos/1694465/medium/ 5 KB
5 KB 23ms
22ms Image
image/jpeg 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1694465/medium/51ljtUbqDaL._SL1080_.jpg?1700139430
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7bf430b34c204a62f05ea0d6650381a3a5051d7d3c5e746d552ec2730f64c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 bf57ce1929fb438631e46b2c83b05e2a.cloudfront.net (CloudFront)
x-amz-version-id: PkQ72sie2il8LNxyIJERJ.sAHUQpsb0z
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P1
age: 40371
cf-polished: origSize=4925, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4803
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 12:57:14 GMT
server: cloudflare
etag: "7dc640dc88e52922977ec58e83ce4dc6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bd01e50-FRA
x-amz-cf-id: pL8vMuldowPj9M6mNR3kkbzYXexkKCzQdB55qYJx6iDAgJvREKFTAQ==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 missing.png
cdn1.desidime.com/avatars/default/thumb/ 2 KB
2 KB 45ms
44ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/avatars/default/thumb/missing.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e47cc7f7eaff0ada95459a7290a5cb4d311b790cd1a248d2d5ef940cad12ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=png, origSize=5353
x-cache: Hit from cloudfront
content-disposition: inline; filename="missing.webp"
content-length: 1554
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Sep 2015 11:24:48 GMT
server: cloudflare
etag: "42ed1970a2bcf041085a7e1e906dbc54"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: https://www.desidime.com
vary: Accept
access-control-allow-credentials: true
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdff6bd21e50-FRA
x-amz-cf-id: B-SxZ-5sTCC91uDB515xgKKD1cx5IW94KKmtGYrRqSgu3OlBdxLZ3A==

GET
H2 200 611rQWZa5rL._SL1200_.jpg
cdn0.desidime.com/topics/photos/1693546/medium/ 6 KB
6 KB 23ms
22ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1693546/medium/611rQWZa5rL._SL1200_.jpg?1700032731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e79e8f5b66383e7d3a9735262c21fd4783cd36cecc7d32509a1f84b5e255ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-version-id: qutvEtXr6TME.DIlpNKhFs2MlVG2LXZu
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 120564
cf-polished: qual=85, origFmt=jpeg, origSize=8190
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-disposition: inline; filename="611rQWZa5rL.webp"
content-length: 6190
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Nov 2023 07:18:55 GMT
server: cloudflare
etag: "f9776112a1a9aafb9f69d620563ca1a3"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bd31e50-FRA
x-amz-cf-id: b6xMeus4rPkdv6t3kp69MJiAk21XXSfae8b7eGrp56RAsc55A7AvVA==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 1583941887011.jpg
cdn0.desidime.com/avatars/970949/thumb/ 334 B
683 B 39ms
38ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/avatars/970949/thumb/1583941887011.jpg?1660739409
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1e627b45613aaafc2dbf20a8f619a9b19b7887fac9587531f49941f0b4d71b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-version-id: GJ_Ls7JxGkVlL4m7RENJzt2ASe.8YOpA
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: qual=85, origFmt=jpeg, origSize=769
x-cache: Hit from cloudfront
content-disposition: inline; filename="1583941887011.webp"
content-length: 334
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 Aug 2022 12:30:13 GMT
server: cloudflare
etag: "3a0b48ef9d2c576492228b9e156b0d37"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fdff6bd51e50-FRA
x-amz-cf-id: Wlfv_WkyB5duFqD0Q1Gyq9GK0X0_EXeHhkRL4oHFySW2GePmuWAw5g==

GET
H2 200 51GXA-DqnML._SL1000_.jpg
cdn0.desidime.com/topics/photos/1694478/medium/ 4 KB
5 KB 20ms
20ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1694478/medium/51GXA-DqnML._SL1000_.jpg?1700140046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde1aec3e3ca9697f7042f25a0295913bacb5c1cdbdb51c98faf5145d152d13e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-version-id: ZDoNvHFfeyMxHongvxESkY4POZonjUzU
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 39358
cf-polished: qual=85, origFmt=jpeg, origSize=5972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="51GXA-DqnML.webp"
content-length: 4304
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 13:07:34 GMT
server: cloudflare
etag: "530f34ea52f30a8fa6d7ae95f80c643e"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bd71e50-FRA
x-amz-cf-id: 5feX7L9rEynybXJiUOdjHIsvk7TDr9erv-XlGW_s5SzoyofnXJbXJg==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 61KiNjuHm-L._AC_UF1000_1000_QL80_.jpg
cdn3.desidime.com/topics/photos/1694690/medium/ 8 KB
8 KB 35ms
34ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/topics/photos/1694690/medium/61KiNjuHm-L._AC_UF1000_1000_QL80_.jpg?1700171624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40e051944d94ffaaccff2e8ac17ea029dd5db43666bc7d9ba8a47a350f0b430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-amz-version-id: XB8zLu_oYBzG_H5_8YGzxiefI5BRf8qo
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: qual=85, origFmt=jpeg, origSize=8904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="61KiNjuHm-L.webp"
content-length: 8124
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 21:53:48 GMT
server: cloudflare
etag: "4a3aad8c4a2be50de8ace813d6220317"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fdff6bd81e50-FRA
x-amz-cf-id: nsiay___M2ALNdblQSzdYGrCGhoxf6WLRKz2UMHnAYbplnyg6GFgUA==
expires: Fri, 28 Oct 2033 03:26:55 GMT

POST
H3 200 log Show response
accounts.google.com/gsi/ 0
23 B 71ms
38ms XHR
text/html 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/log?client_id=undefined&as=undefined&event=id.init.relativeLoginUri.%2Fauth%2Fgoogle_single_signon%2Fcallback%3Ftype%3Dgoogle_single_signon

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-TgHbBW4dqbOrM1zTB7nmmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-TgHbBW4dqbOrM1zTB7nmmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.desidime.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V9BTo3MQWGtSWlJVjR8nEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-V9BTo3MQWGtSWlJVjR8nEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
91 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZRDRKHNK24&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPZ2RT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f433b67e85c07424ed3119ac4b1af84764d64d3802433990f7b40c31e366624d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 00:52:38 GMT

GET
H2 200 6dbcf42a-c870-491e-837f-3cc5030f87ed.js Show response
cdn.mouseflow.com/projects/ 60 KB
17 KB 52ms
18ms Script
application/javascript 2606:4700::6812:1a32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/6dbcf42a-c870-491e-837f-3cc5030f87ed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPZ2RT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70dc140203ee87c1464d4605fe9c84fd642f5d88b596f9f827a50b39174da77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 427733
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-mf-script-region: EU
last-modified: Tue, 04 Oct 2022 10:39:25 GMT
server: cloudflare
etag: W/"2428b492ddd7d81:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8273fdffcb8f193c-FRA
expires: Sat, 18 Nov 2023 00:52:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPZ2RT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 23:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5755
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 01:16:44 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPZ2RT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220102-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 33ms
11ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 00:52:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: q9DJuaKuw8+FJ+dfcjz7krv54v89KlwuURBErMH7OkcXvVwJxyEQ5H8lS8+ImKoMdeTIhl6geddrYuUrdIeQOQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET icoparity.woff2
cdn5.desidime.com/fonts/v10/ 0
0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onLoadCallBack

Requested by

Host: cdn1.desidime.com
URL: https://cdn1.desidime.com/assets/recaptcha-51e379348f52a06e59ec4a60fb3b914f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed0502935bde868fba51465b4526d98494bb34dcdccc394e90debe3df534adb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
39ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b78788085dca5634d2adc737b9b87d59e8d12436370e9039fcede1a8ba6340f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12337
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 45ms
45ms XHR
application/json 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=314680120729-bdnunf559llimp47lv3nl1g9u11evkec.apps.googleusercontent.com&as=am2iS6GLC0ZCiiq85E7Cqg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6853889195694e1de574634b798195d4d3ac8481dc33194084053c7f8ac75ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tyaOJuTkkN9Lo__Epg6kmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tyaOJuTkkN9Lo__Epg6kmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.desidime.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rum Show response
www.desidime.com/cdn-cgi/ 0
125 B 17ms
16ms XHR
text/plain 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.desidime.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.desidime.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8273fe006c6a1e50-FRA

GET
H2 200 web Show response
onesignal.com/api/v1/sync/4d44b34e-d788-4940-b68b-0d7294eb3bfb/ 3 KB
2 KB 82ms
66ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/4d44b34e-d788-4940-b68b-0d7294eb3bfb/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592331e4c972272f84ce4e2bb725e38e96ce4f12765371b052c10465d02d52a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b7291713-a3a5-4144-9174-961bd71a0500
x-runtime: 0.035812
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"592331e4c972272f84ce4e2bb725e38e"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8273fe008c636957-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 17 Nov 2023 01:52:39 GMT

GET
H2 200 icoparity.woff
cdn0.desidime.com/fonts/v10/ 101 KB
52 KB 41ms
22ms Font
application/font-woff 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.desidime.com/fonts/v10/icoparity.woff
Requested by: Host: cdn1.desidime.com
URL: https://cdn1.desidime.com/assets/css_manifest/home-9406e190c44ec9a9ff84470351f2f948.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf2f23e78a4e8fe23e638fb7768111ddca56c2f34393a205b61cbe33ecab389

Request headers

Referer: https://cdn1.desidime.com/
Origin: https://www.desidime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
x-amz-version-id: HA5DBO1B3Yub0wATGp2RJ.T.DcO0jhuv
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: AMS58-P1
age: 3608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 17 Oct 2023 14:33:49 GMT
server: cloudflare
etag: W/"65fe816986795e7e8e800b2a2bf63447"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: https://www.desidime.com
vary: Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=14400
cf-ray: 8273fe00cd362c1a-FRA
x-amz-cf-id: r8mVo_mO0dTNPlRGrkbTu1L5PnRG647WfbOK9mr8_-jwZDP5TVF64w==

GET
H2 200 adsct
t.co/1/i/ 43 B
227 B 237ms
193ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ab3d7cc6-9be2-447a-91ad-a42f12bf4969&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=237fdfe3-badd-41f0-ad23-25333288b420&tw_document_href=https%3A%2F%2Fwww.desidime.com%2F&tw_iframe_status=0&txn_id=og3i2&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 180
date: Fri, 17 Nov 2023 00:52:39 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 10f6368cd8889430
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d02c813ba8d9a362bcbd31934d95fe97ca6a72b0616450c0a725dc91eecaffbe
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 159ms
117ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ab3d7cc6-9be2-447a-91ad-a42f12bf4969&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=237fdfe3-badd-41f0-ad23-25333288b420&tw_document_href=https%3A%2F%2Fwww.desidime.com%2F&tw_iframe_status=0&txn_id=og3i2&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 17 Nov 2023 00:52:38 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0ecb60e783bc6449
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 86b55699896edbdfaeecafc6a00d74a84129ae14fed54204193606c0fb4e092f
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 174ms
131ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=dab65f3c-04fe-450f-a5a2-0f8ee5239cb6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=237fdfe3-badd-41f0-ad23-25333288b420&tw_document_href=https%3A%2F%2Fwww.desidime.com%2F&tw_iframe_status=0&txn_id=tw-og3i2-ogqkw&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 118
date: Fri, 17 Nov 2023 00:52:38 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a3ba73dd2725de2c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d02c813ba8d9a362bcbd31934d95fe97ca6a72b0616450c0a725dc91eecaffbe
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
545 B 164ms
123ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=dab65f3c-04fe-450f-a5a2-0f8ee5239cb6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=237fdfe3-badd-41f0-ad23-25333288b420&tw_document_href=https%3A%2F%2Fwww.desidime.com%2F&tw_iframe_status=0&txn_id=tw-og3i2-ogqkw&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 17 Nov 2023 00:52:38 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a01054098dca1a6d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 86b55699896edbdfaeecafc6a00d74a84129ae14fed54204193606c0fb4e092f
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 21ms
20ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021196645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.desidime.com%2F&ul=en-us&de=UTF-8&dt=Online%20Shopping%20India%20%7C%20Best%20Deals%20%7C%20Top%20Deals%20Online%20-%20Desidime&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=686046921&gjid=1820644510&cid=832860752.1700182359&tid=UA-3652252-20&_gid=95282242.1700182359&_r=1&_slc=1&gtm=45He3b81n71MPZ2RTv71588633&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1365486823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 82ms
32ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 298688373647165 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 61ms
59ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298688373647165?v=2.9.138&r=stable&domain=www.desidime.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dea665148650bc173310c89b4f3526f99e799471a6f56928f7ae6f357cb0b22c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 00:52:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Y5OdlzqG0hOWqkCw/XLwYKclgYldUM0bM1yYmCxH2FTAL/TdeVsLqUWajcKIUEvA8NwAqbWIuoGJ9P8KJm0lJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 46ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZRDRKHNK24&gtm=45je3b81v9103612414z871588633&_p=1700182358623&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=832860752.1700182359&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700182359&sct=1&seg=0&dl=https%3A%2F%2Fwww.desidime.com%2F&dt=Online%20Shopping%20India%20%7C%20Best%20Deals%20%7C%20Top%20Deals%20Online%20-%20Desidime&en=page_view&_fv=1&_ss=2&tfd=1994
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZRDRKHNK24&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 60ms
20ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZRDRKHNK24&cid=832860752.1700182359&gtm=45je3b81v9103612414z871588633&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZRDRKHNK24&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZRDRKHNK24&cid=832860752.1700182359&gtm=45je3b81v9103612414z871588633&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=617260575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 104ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onLoadCallBack

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Origin: https://www.desidime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:26:55 GMT

GET
H2 200 Flipkart-Logo-2015-present.jpg
cdn3.desidime.com/merchants/1/medium/ 5 KB
5 KB 25ms
23ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/merchants/1/medium/Flipkart-Logo-2015-present.jpg?1659952678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84eab0b8cfc6bee99cbc07957869496eb78d2f3af739da983f5d92f7f42aba16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-version-id: H4Dmy_gaVsJIAjcjWdt.UnikP8kWvnFP
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: qual=85, origFmt=jpeg, origSize=9453
x-cache: Hit from cloudfront
content-disposition: inline; filename="Flipkart-Logo-2015-present.webp"
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Aug 2022 09:58:04 GMT
server: cloudflare
etag: "9a9eacd8b7c7600444c558dacb0aa92b"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe015ce81e50-FRA
x-amz-cf-id: rl2l2XBjOI86QT3gYzqdlsz9xUhHoKt6gP4pk5OvuZ-pQj2Bxb2uCg==
expires: Thu, 05 Aug 2032 06:23:52 GMT

GET
H2 200 Flipkart-Logo-2015-present.jpg
cdn2.desidime.com/merchants/1/medium/ 5 KB
5 KB 21ms
20ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.desidime.com/merchants/1/medium/Flipkart-Logo-2015-present.jpg?1659952678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84eab0b8cfc6bee99cbc07957869496eb78d2f3af739da983f5d92f7f42aba16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
x-amz-version-id: H4Dmy_gaVsJIAjcjWdt.UnikP8kWvnFP
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P1
age: 44211
cf-polished: qual=85, origFmt=jpeg, origSize=9453
x-cache: Hit from cloudfront
content-disposition: inline; filename="Flipkart-Logo-2015-present.webp"
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Aug 2022 09:58:04 GMT
server: cloudflare
etag: "9a9eacd8b7c7600444c558dacb0aa92b"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe015cea1e50-FRA
x-amz-cf-id: C3Grc9xJqLzo38fP0oJp9-HKS7NDoPaQJ7coYg2oinZMxPnnWL6iQQ==
expires: Thu, 05 Aug 2032 06:23:52 GMT

GET
H2 200 classic.jpg
cdn3.desidime.com/topics/photos/1694685/medium/ 9 KB
9 KB 24ms
24ms Image
image/jpeg 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/topics/photos/1694685/medium/classic.jpg?1700166647
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd3a1770a2192e0f92fd84242e190c2c00699490f69534fd86774b5e7ea01ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-version-id: jdfEYvrxSdQpNGKW1uJXbH5n6lBCV_u9
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=15747, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9308
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 20:30:52 GMT
server: cloudflare
etag: "be94f38f4fbde4ba1059214ce3058211"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe016cf41e50-FRA
x-amz-cf-id: VAjL_gh-mS3zWvwYsVU0DUQmFcqBAFyCf_ZmgKkPoi54c3rYj7QBEg==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 Flipkart-Logo-2015-present.jpg
cdn0.desidime.com/merchants/1/medium/ 5 KB
5 KB 18ms
17ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/merchants/1/medium/Flipkart-Logo-2015-present.jpg?1659952678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84eab0b8cfc6bee99cbc07957869496eb78d2f3af739da983f5d92f7f42aba16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-version-id: H4Dmy_gaVsJIAjcjWdt.UnikP8kWvnFP
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 280273
cf-polished: qual=85, origFmt=jpeg, origSize=9453
x-cache: Hit from cloudfront
content-disposition: inline; filename="Flipkart-Logo-2015-present.webp"
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Aug 2022 09:58:04 GMT
server: cloudflare
etag: "9a9eacd8b7c7600444c558dacb0aa92b"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe015ceb1e50-FRA
x-amz-cf-id: 5a6Vs9Wg1lXWIk8FeA_LG9EwtmU5AnDIMa8IwT5Kq7Heidm04g2Ocg==
expires: Thu, 05 Aug 2032 06:23:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3652252-20&cid=832860752.1700182359&jid=686046921&gjid=1820644510&_gid=95282242.1700182359&_u=YAhAAEAAAAAAACAAI~&z=1422499873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 105ms
55ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.desidime.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298688373647165&ev=PageView&dl=https%3A%2F%2Fwww.desidime.com%2F&rl=&if=false&ts=1700182359267&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700182359266.806375908&ler=empty&it=1700182359182&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 00:52:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
10ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298688373647165&ev=ViewContent&dl=https%3A%2F%2Fwww.desidime.com%2F&rl=&if=false&ts=1700182359269&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700182359266.806375908&ler=empty&it=1700182359182&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 00:52:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BA5 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:42:54 GMT
expires: Fri, 15 Nov 2024 13:42:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2DD4 829 B
922 B 25ms
24ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee19343ddab645d1b2a9fb02d67b2e4568f25d2fc892b2c5453cc74870436418

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_WofjaDct41_3BudFrQARw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_WofjaDct41_3BudFrQARw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Fri, 17 Nov 2023 00:52:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 26B5 60 KB
34 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=poe76j9j5j0c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0256594ae9dcfaa58023e80f3db91403cfe41220ad5427256be45c9e4df73f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jVyDie3MFvyROYJeYxthCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jVyDie3MFvyROYJeYxthCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BD59 61 KB
34 KB 55ms
54ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d677de3ca73bea34b10dc238642bdbeb1a05e5e4aeacbb1aac3eb050612a1e92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-19Ead30aMLhLjRxXtJBOKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-19Ead30aMLhLjRxXtJBOKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 26B5 55 KB
24 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=poe76j9j5j0c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 16:57:59 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 26B5 468 KB
188 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:26:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 21ms
21ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021196645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.desidime.com%2F&ul=en-us&de=UTF-8&dt=Online%20Shopping%20India%20%7C%20Best%20Deals%20%7C%20Top%20Deals%20Online%20-%20Desidime&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjACEABBAQCACAAI~&jid=655802039&gjid=939014177&cid=832860752.1700182359&tid=UA-3652252-7&_gid=95282242.1700182359&_r=1&_slc=1&gtm=45He3b81n71MPZ2RTv71588633&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1492889877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame BD59 55 KB
24 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 16:57:59 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame BD59 468 KB
188 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:26:55 GMT

GET
H2 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C6C 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Ideal_circles.GIF
cdn0.desidime.com/avatars/25016/thumb/ 928 B
1 KB 425ms
423ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/avatars/25016/thumb/Ideal_circles.GIF?1388070014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6cb04a54a12563b9c79bd73552c68f885e64163a82575398dc2715faca7c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origFmt=gif, origSize=1347
x-cache: Hit from cloudfront
content-disposition: inline; filename="Ideal_circles.webp"
content-length: 928
cf-bgj: imgq:85,h2pri
last-modified: Thu, 26 Dec 2013 15:00:21 GMT
server: cloudflare
etag: "3729b6964d5d9deaa0ba5865ba8e7b31"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe029d8a1e50-FRA
x-amz-cf-id: X3RKr8jp1G02Z1aYnazaW0_JFXW50EwQ6u2umcQ6tRK2pGGLupjFfQ==

GET
H2 200 271066_sdknky.png
cdn0.desidime.com/topics/photos/1693461/medium/ 8 KB
9 KB 28ms
27ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1693461/medium/271066_sdknky.png?1699970079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e1e074995ea62b5d9c6352186b7fcb4551c21886f6b229bffaca3f0d12e0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-version-id: OEL3SzJ6u_sOFnsKL3gb5qXeVsN3e25V
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 76236
cf-polished: origFmt=png, origSize=16725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="271066_sdknky.webp"
content-length: 8490
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Nov 2023 13:54:44 GMT
server: cloudflare
etag: "550c410a0b6940eb48fa619711192299"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe029d8b1e50-FRA
x-amz-cf-id: nuV3q58Nds_79eRlLY-b2hrtKoBnUOv3neNEPPwuZBEXtR22ksRUxA==
expires: Fri, 28 Oct 2033 03:27:34 GMT

GET
H2 200 FBVQB0YWQAA7qFp.jpg_large
cdn3.desidime.com/avatars/1317731/thumb/ 993 B
1 KB 37ms
36ms Image
image/jpeg 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/avatars/1317731/thumb/FBVQB0YWQAA7qFp.jpg_large?1697794144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18bd5cb25f5dbedc0e45cda3522fa44fc2b4b457118c2835bd9379a493be3447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
x-amz-version-id: ZWkFO_imyyeVwUNu4cMnXQb31TYXlN_S
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-C2
age: 61813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 993
last-modified: Fri, 20 Oct 2023 09:29:09 GMT
server: cloudflare
etag: "781d4db033e0375ad1968e34efa6f379"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8273fe029d8d1e50-FRA
x-amz-cf-id: WP2PBA9fbXxwgMFU6SVDfKCgoBkXdgN64-MbvL5_XEBkNCj5Nm6V7A==

GET
H2 200 IMG_20220928_233712.jpg
cdn1.desidime.com/avatars/735776/thumb/ 666 B
983 B 41ms
41ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/avatars/735776/thumb/IMG_20220928_233712.jpg?1664388459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a962170e2fdadf93e36953667208d2a7d6a5957a06ff37106fef3a36cf9f1394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-version-id: MBQqSI9Kcdx.iuTGwLXcO_b_dDrgEfSp
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: qual=85, origFmt=jpeg, origSize=2430
x-cache: Hit from cloudfront
content-disposition: inline; filename="IMG_20220928_233712.webp"
content-length: 666
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Sep 2022 18:07:44 GMT
server: cloudflare
etag: "26258833973929f525e27e2ce4dbce94"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe029d8e1e50-FRA
x-amz-cf-id: 3oMRMoljqOJxDR5U61gIYMDJgolNdhJM8E-SQQY362cwXU1Sm3-dNw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 31ms
28ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3652252-7&cid=832860752.1700182359&jid=655802039&gjid=939014177&_gid=95282242.1700182359&_u=YCjACEABBAQCACAAI~&z=1808327669

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.desidime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.desidime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2DD4 0
0 66ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=2965325553841341&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BA5 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F611 624 B
538 B 40ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivybP8ATAB&v=APEucNV77Q_b0wiYmbWxTfnKB4_ktAeUfGAeHvIFUfp4W8jfEbF2zPAQAcd8sgLES7hJF3l1RfWIQ8BR4-WZE1t4vOaWs_qORCDWGLoyi4EhAqnAGAjVXVdRqrv-wNRA_1DAQxKR2QEA9WTCNvT-s-D3jDWFhNjTIlIqyGa3cWxz1MD8GjCxj6k

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Fri, 17 Nov 2023 00:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8C6C 172 KB
61 KB 61ms
13ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Origin: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:16:58 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 8C6C 7 KB
3 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8C6C 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C6C 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8C6C 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8C6C 20 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C6C 42 B
63 B 61ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_SqqauN2JHxy27U5eOBza0CUD38enG_ojRwWEWLZNqHS1okey1GUmrmdChwINxb1wTMoDKjHg3RWbTdCJIwXtnKghCDooPMvek90_QR086BS0eFk

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C6C 203 KB
64 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 25ms
24ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3652252-7&cid=832860752.1700182359&jid=655802039&_u=YCjACEABBAQCACAAI~&z=1551839488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 25ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3652252-7&cid=832860752.1700182359&jid=655802039&_u=YCjACEABBAQCACAAI~&z=1551839488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F611
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1

43 B
340 B

22ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivybP8ATAB&v=APEucNV77Q_b0wiYmbWxTfnKB4_ktAeUfGAeHvIFUfp4W8jfEbF2zPAQAcd8sgLES7hJF3l1RfWIQ8BR4-WZE1t4vOaWs_qORCDWGLoyi4EhAqnAGAjVXVdRqrv-wNRA_1DAQxKR2QEA9WTCNvT-s-D3jDWFhNjTIlIqyGa3cWxz1MD8GjCxj6k
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnZcv7py0mc8zhPcQpv6FFcLTWe1ilGWfU9JowWMFGVYmeNJDbCLwRrwyD4KiTN%2BAHok07smQIid2nAGaTbbJ9jE2odQcN%2FScQanGmFzRe%2BX7Rvd1%2BEa%2FOI7nGMS0TuRo5xJW88hdIYu%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8273fe042882360e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F611
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVa5V.LRRh0FnLbi3LvvLwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2

43 B
768 B

26ms
26ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivybP8ATAB&v=APEucNV77Q_b0wiYmbWxTfnKB4_ktAeUfGAeHvIFUfp4W8jfEbF2zPAQAcd8sgLES7hJF3l1RfWIQ8BR4-WZE1t4vOaWs_qORCDWGLoyi4EhAqnAGAjVXVdRqrv-wNRA_1DAQxKR2QEA9WTCNvT-s-D3jDWFhNjTIlIqyGa3cWxz1MD8GjCxj6k
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y61EdOxp9GyhLWzAwpNizUo0EP885MNdqZtENfUsi4MXyORlblax%2BK23P%2B1bGzvxU4IPCAVpLz3erGPjWM0CBlXiQXyJSgDma9Qb562wXpXhbmdtfcCGqnYdxLvKa3JYmMM4Sq2txrYclg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8273fe046e62929c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F611
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

43 B
842 B

17ms
17ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARivybP8ATAB&v=APEucNV77Q_b0wiYmbWxTfnKB4_ktAeUfGAeHvIFUfp4W8jfEbF2zPAQAcd8sgLES7hJF3l1RfWIQ8BR4-WZE1t4vOaWs_qORCDWGLoyi4EhAqnAGAjVXVdRqrv-wNRA_1DAQxKR2QEA9WTCNvT-s-D3jDWFhNjTIlIqyGa3cWxz1MD8GjCxj6k

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
an-x-request-uuid: a3053d35-0786-4bda-bc2d-e243708c01a8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.140; 178.162.209.140; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F611
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
an-x-request-uuid: 18e3bc12-69a8-4f90-bec0-57b5cfecc836
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D
x-proxy-origin: 178.162.209.140; 178.162.209.140; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 26B5 102 B
135 B 27ms
27ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=poe76j9j5j0c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BD59 102 B
135 B 25ms
23ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9&co=aHR0cHM6Ly93d3cuZGVzaWRpbWUuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1rtj54bbsq4p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
DATA 200
OK truncated
/ Frame 8C6C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8b6a1991b007efcd90c77cf93e5df068fcb69ac1372a506de7a955b230c50b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D073 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 76A6 47 KB
12 KB 83ms
49ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Sat, 16 Nov 2024 00:52:39 GMT
last-modified: Wed, 15 Feb 2023 15:44:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8C6C 0
0 125ms
69ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvUeE0kiJCtClVcBFpd8XoehVnrOgrW6d09XwrNJ25pytpcimMzZ_POj8red9wiqIU7KR2v9aJqgcQYFmERH7Ys9w0oiEDEdxxyzXxwg7Tbh8wQcMwqN_x28SrvEJy_HzjIMHrZdJnkpRGUmZ_uu0KhrFpdBWZGFTEl5oCVt0t917B94CFYAdlEkB0f3I7OUs0Oi1OAUbh93MXaiNXAVT440ZuLFeN4E5LKwcI5Dv7lXERRBHSm4mjesgtQKbq0jk4pZc1D867l77GEGxvbge37LsONhp850F88LyRgWDpvSyS-Xp8QjlZKdWkeOpG-OJiv3snpJ-1QkT_9au9dheCsmG8EEqCmDCF6dFT-Ie-iv97IpzZvkgHLxVHu2yODwGLhi_4B1EojpL2U-i5BANcrUUm-iVqzxc8AjaIMNeYHykvMJxgm-WsJI-q6Zsqu9Nlf_zKkfXrWhncfpH7AsHXC57YMfI93rTDuFB6FplvKJOGMYfxbsIXO6CX8FYFMrSy0K_RvwOZ2JlO-iYZQT4sUwAMozj8ztAFuXu9l3kP81-wq-TyvrtpHIFQBBzxeqsR8RPVmDmp0PxpyZm3AEFjoHp0qVWcQT7DI_KC5mH3aanlxUoe5TBDxId5j5E1NaJ-6kLtsmualqTgKDYKoIr4zYPHTgCB2_QSBpg63ZWO8uTg_I1UrItpj0qEbe79pkCzeEsMdxkwJgaF6hidMIZqLkV6GYPgBV4c3SMvZMvJEkP1LcDy6tJM67L8zj8srs28J-CZcUHYHr9M3CPn0UUvq9QicRxI4G88MAP9UvMAad4RDFIAXBueNzN5Dho9Ud50eFNq5UVUaEeeQP3DgrX1BNuhr5rWeyn410KYIfeB5ldL79u4nnRYPNeY-kHg5hQ8qJiSFptrUw3l1NKUe1cc3SN6NrEVU3nCoAQvV9_2x6TLRiFSL7RAVxwzlFE2tOtcbHeO07PNLKW4V55ybEVHLJYbxa7mXikkW-tzeGSG-Uf39SZYRLT16T-MCL5HBky2T5jk9E8L6e16Odm0WJzACCYXRAT93wEVBeQYyRsbDkwk2Q74-boKkzwAADL_BndYqz96sZjrpFfPXvmViQwT2giTd4g4yLLCm_SHgbBD-YEhr-xr_gyorIQvwAm8-ITz8Igq9FmkIcu5vQ5SNtUX0sgyQs9m87vejbneyRqohRpbfpyaxWBZCWABfQIUudfMcY--Gv0y5tjUtYxo4uo_zrGwPM3uzYL14-T_1X4c4THUEu4_0V1_itUzGCd51Ypvp3suKAnsgFgiR3WKA6pJRiqkX083dcfMwd0BH2aFUZD8Pd38Jtn3D8qFB2EloVhR1eCBNGTZv3bRQpcGosZX9RPCpe2n02ArAVoY&sai=AMfl-YTgDu5yV3FW-HRCXZfgapaPGx684049ZZjGWqpfjkNbEyHW657zXLHaDWPpcHmNgcxCVgQBtB96nTkt2x5ZN8vv7n6ohfSv1JlkbDZ5cK5AIAxhDARDIxJ1UdsXK2UOVVPcIaAgTLict-hlVGYsWwktxOYJkBhqw06FXA7AKcK9p5bpdOPWv27F81huyybvRxjiq1D4bS_ryj2F3EFeJccl3MkL9mp_MgeFp8pajcKU3U8XIEUtbbCZA-Oamb375E95l3FLKLVmwoE5Xw7Gyj4_tZIwY4Rwr52ebkdXtSnJHE7LOwsLaXKAJg0PCwEQ8ma9YAhMGrGArwq5nMYHLip7E687qqpB6BsGUFXC3ySMsCbvE0x4wisk7VzasQWxD7_52Q65xOjS1_PsIYHVcR2_5hTEL3InsTVGLD2xEmdJEW04pywFWBPTHUZuBhdtI_3hfoK7dFISJIHFP5lzsP5RE_jgzb9ShrsS1VMGAE35WFoN331NTDuEC_mtr_3LSLs12g&sig=Cg0ArKJSzEnb4hvNhO6OEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=275&cisv=r20231109.43451&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 DesiDime-WhatsApp-Channel-1400-x-160.jpg
cdn3.desidime.com/merchants/1609/original/ 32 KB
33 KB 35ms
34ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/merchants/1609/original/DesiDime-WhatsApp-Channel-1400-x-160.jpg?1695364889
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd177d3c2f0f0d1f0c7f49ea67ebad23fc89a72749bad97b097f0ad49d1125d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-amz-version-id: TdsUMU9oYrC30a.CbBFsVAC7acJM0KNU
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
cf-polished: qual=85, origFmt=jpeg, origSize=95903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="DesiDime-WhatsApp-Channel-1400-x-160.webp"
content-length: 33198
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Sep 2023 06:41:31 GMT
server: cloudflare
etag: "bbc88bf8b9391bcc6ba1fbd9be3a6a4c"
vary: Accept
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe04aead1e50-FRA
x-amz-cf-id: wO857r7xecx0cfeWg8GSdvl5jMfDb-Hj2xPVtvYUPTO-SrT7mVQWSg==
expires: Tue, 13 Sep 2033 17:19:42 GMT

GET
H2 200 giphy.gif
cdn3.desidime.com/avatars/1154387/thumb/ 7 KB
8 KB 43ms
42ms Image
image/gif 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.desidime.com/avatars/1154387/thumb/giphy.gif?1667918158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f33d7dc81d45fcc265b717b05aca528f4d14870f29ba0b1bd390021ca90eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-version-id: .4KwCuTRNlSryOFQU0VMmhUMxAioBEhC
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=20212, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 7604
cf-bgj: imgq:85,h2pri
last-modified: Tue, 08 Nov 2022 14:36:03 GMT
server: cloudflare
etag: "621678cf76294f3ce7f982c1b598e56f"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe04aeae1e50-FRA
x-amz-cf-id: UVS_Lf9qGQBftYbtGX1BlZcWPJBA5WiGvyg8n7_E-tijiRk71x95xg==

GET
H3 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 61DD 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 76A6 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:26:57 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 76A6 63 KB
25 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D073 39 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3732 624 B
245 B 46ms
43ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNUXuC5IooY4CBhc3A_eJzEqAdBqasTHf6CR4YTe7JIMiVZ9lbB1VeZ6gKywooBjecDGQzm6EKAsTEXRSs2uBYlNuJaX5MYqlScqcwCjoRzndoXhrYHWQH9c3RsBsUcV4MTaaUu1tsUrrvtiq-HNH0CUcunXXoJfTVjdlhkrUcIeJji_rOQ

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:39 GMT
expires: Fri, 17 Nov 2023 00:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 61DD 89 KB
31 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61DD 42 B
63 B 68ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BK92mjpl7Wdfn1XaFVGoB_GxJpm9CzgxOElr9cNBI34sNHekHhwmP_KUY3bYycZnUgguSC3vVlqMh5ZmC13gR3aDPi2h1YFkCmzYFW33NQwXsg6DA

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61DD 0
20 B 68ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=67845562542282094&x=1&ct=76

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 61DD 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 61DD 20 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61DD 203 KB
64 KB 104ms
102ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8BA5 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PuE38g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3732
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1

43 B
734 B

24ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNUXuC5IooY4CBhc3A_eJzEqAdBqasTHf6CR4YTe7JIMiVZ9lbB1VeZ6gKywooBjecDGQzm6EKAsTEXRSs2uBYlNuJaX5MYqlScqcwCjoRzndoXhrYHWQH9c3RsBsUcV4MTaaUu1tsUrrvtiq-HNH0CUcunXXoJfTVjdlhkrUcIeJji_rOQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8BFgzA8mcrY6soS%2FgWC4AgTPwsKNaxb6eHkXS1hFXgQTvEGDUJrUS%2FPoqEl8zDNRWC%2BirWebuuzTWqMLDIjWNYwUZhIurbX6tzn5R7U1RsjAB3XR%2FBwSoMmTCPp7bQoZAUITCcl2rb4gg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8273fe063ef8929c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3732
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVa5V.LRRh0FnLbi3LvvLwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2

43 B
730 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNUXuC5IooY4CBhc3A_eJzEqAdBqasTHf6CR4YTe7JIMiVZ9lbB1VeZ6gKywooBjecDGQzm6EKAsTEXRSs2uBYlNuJaX5MYqlScqcwCjoRzndoXhrYHWQH9c3RsBsUcV4MTaaUu1tsUrrvtiq-HNH0CUcunXXoJfTVjdlhkrUcIeJji_rOQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15rYsh9Rp1gjpZ6exli41JswkdP83T14044g%2BamZdWHuwlvKaxYmYeA%2Fol%2BHLT0Oi7BMmMPi0TdWj1blhT4uiKthNn1zjUbwc%2BvulpeO6ATVjF2n0xQAko4Go169Vjw0tMpG3uCfNgjJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8273fe066f0c929c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGYSZSJ3I19oCmynw232aY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3732
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

43 B
839 B

14ms
14ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNUXuC5IooY4CBhc3A_eJzEqAdBqasTHf6CR4YTe7JIMiVZ9lbB1VeZ6gKywooBjecDGQzm6EKAsTEXRSs2uBYlNuJaX5MYqlScqcwCjoRzndoXhrYHWQH9c3RsBsUcV4MTaaUu1tsUrrvtiq-HNH0CUcunXXoJfTVjdlhkrUcIeJji_rOQ

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
an-x-request-uuid: 8a0263c5-318e-4abe-9a17-01d913d39bf9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.140; 178.162.209.140; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDwra-m2zcMc2k-UuyVJpk8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3732
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
an-x-request-uuid: ae6ff5a6-ea5e-4f62-a44d-c4e5724b0db6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxODI2OTYwMjA5OTIwNjI0OA%3D%3D
x-proxy-origin: 178.162.209.140; 178.162.209.140; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E439 7 KB
1 KB 31ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

919d6893949c8c16f093a55e913a5b3c1df18dfb5c48fd1591c69056625f6169

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TbweoCG8ZIxMVxNUcakrlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TbweoCG8ZIxMVxNUcakrlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DD17 7 KB
1 KB 33ms
29ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa101fa1ea11969bcac00d582508a2382d7aefe1783e57f2e8cd28a0218b7a2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3DdpoN-zr6bv5DXQP-Qn1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3DdpoN-zr6bv5DXQP-Qn1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61DD 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9353913715128&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61DD 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9353913715128&version=m202309260101&ct=76&x=1&cor=67845562542282100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 61DD 95 KB
40 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXXrgiTaD9gjpSUrfsp6ouwcMTaDghikpDbAuAiC_kc3WVirDKsvXQr_O-tLizW7i7880WZjavU5r_wq-KlJsgz3mAoA2Dgnshm9S2x2WoYHc3v17UXA1cXz3cTpJAcyspQke75WCPS_i6pll0bJ2u2ZuoB8PUwiy5juXYGOvE_TvLhHI&dbm_d=AKAmf-BqvDb8-6fFMwTTqIk23cE56T9qndRb2GuCllTffJ7Pk7--vrR1mGLMVaO-dztsh6qFieZAkpmpHrZ8phvPzwijsne_uRheZ-1yVIbiXN4boM8aNR7EAQQiGXkU8zo7o52PbTkdcztweXFSUXR7joDsOgMpdnlQ7gaDZeKS3Rs-PfJNF3vlquAVQfBFY0KR2JNus0csd4t6iI2aeNG3mmJsr3vb7rF8pIGDXWGSaW6tEbazlSon9WQHPQVhz8-SAueCqmCyRoVMvsTFVn7ozsSXvEpdJ-nqwfj_pHtIXcqdDagOtVC59O-hRCpgFN-sHi-wH_xN-W-mJoZAQ_kdQgD5j7D13JHQWUbpxCTdMz-oOuoWRJAfRHX9Aai7ot7aV8nvfjd5llvbA7ylFBWhxpktpRsoQiXa4DMVDJaYWsRwAHeHGoFOCxnnGnoAI4gTnLVUDZBhha4_dcLAcPC6aG4ayFqSn-2WjrpE0aJhlGcDQmT_PLbX90fbon-QoBa7w20XCBZlE0EJd4bE_S3izY21EOS6P6lTbdW59Ph8kL9faaJy9ACtcQoFXyteBaRQV0POtQVCpUa-NzOrxHQXVYf7xbC1Gr54BWCqKz1LX9de4JhT1jw7O39MsnWERwXxTeIz6tMdEOuZSjadrXiMX_q_O2r2VBRSCmOChTm8-024h5JC8oxNKyCM-fF__PMQ7dMG789iG0wXL39wXLsGN0NlXvuhIV8Q7CYpFlVgeb5q7-q9fV_FI9a4I4KY2x8VSeGAtD7PVNsF58902AVF24CyMiIipeto_zFwIDDvS67lOQtvSHHVS2_2DwS-kRWbX-IhEhUONZMtG6y0uJPeaxB6u3sUp3xMmJAZjCRxHxkKu8moM4NaqiTgaCM1WVCqcbXYrnmnDgjx6Qsc90CwPg9_P9Yo9KymbzoUVs2rVbckmhMOhM2Jf0MyfnWQ-i6zDIsZ_jROqkOxHVwXEIuEcB2B9kmAbIp54mcvD9CecOw5VrHnD1v1M2SW5d6uxPNEbAjYvsbYR2-_LJ3t2YCSI_xsojfQygxm9QUwnM9Ze1nGHyaK6ET3q7TLDtltv2fYVzUnGcUyKV5hF5zhYbDIwhKSeS3g3LIYCsXyaQBLO10RbvqAeYdCbNpIrD5J1nakI0XAmWjYz8omsjwiB_rG7am20tNvmeEnrSguijoFeZwk3mSj7RJErRtj6HYEz0PRLm0r4BkwQYk_0yBCu-zQAtolEu9dj6dagt3gTIWUxZmZ3dwLWvlG0QqZ-41b4VuHdk2Ktl3894v-MPiAlkXdybZnJVe38xz_wyWgSKn166pF3YLmcf1h3tTCeCAzw0ALaiQKPYi7tUr1BIlOKyENwPSYT8q9BtYcJYToS0rxwSfUVtJnQPq6_gQTYpirPSDTpRzFYhH_Rt9zG0UXSBt9Sl1etlsM4j5r7Zel_VIkgYA-dEtuFQfpfCa9HkG8t9g2j9yxQJRhBuJN4leMP8iYIZqadPYJNOOzCuP25fwcLT0XcfDIR57ZllqZ7ELm2ZonXc2UrbUQkLqcJmJ-si-YVIwoAwOcveevctaELlsxF9vBb5VljQNMfxYdgXHfW_Owbro8w0tc_QeG6z4nHxx_bCK0KLCJTBcIwP5Y51upJx3YW-Qf073nRkm9quekZSTfB51izfaICo8FSwRYYEpmNbB5SW1kFZNQYOCPZA-3Yg46UlDaoSpuOpLXN4BW59M1e__vFRas0-Ixi7ozSmoTrfny7hxc3_TA5J9wKyy1LIAA54FjpG1OrYKbOC7LmzYtSBNUCOpJ90RYTVn1-2T1-JO8GSqprJQhmzXJJghpTh6s3rCAVR8Jy7QQcMcPYPfH3f5zpcJQCmrX2ykwNQ0JywCiAYwAS5XOmrs3KHDNKJMPV9B53hM_K9xpCjJOR8Il8WfW80eQc-m2-SOJ6uW0oBuWuZn0boANu-ot4CI430HNedyQ6LZr1ZmcI0kaQVxZDvn4ajyDg86zNIoYX4cO7RDwbnYk0wx16IVv5iFCUDWgiTcqgRw2zXQTNWJ0pY3LjzOxAI9mFQa39FgVkq4x0yIF1Irc7xDB0t13u3MeHntM-3eKyCNDXF9oKnBVq7sR_e9NP842CKiXlCqLQYJTk9bCWGndbEV3N_ljAVrOlvTkvEr6WnX8mIZciiBP6f57gl_SHtdUl4BeCTLFSmgf2a3puSIo7GKOIAJU-WXen4CC5gZibhHeTkoAFocJrqPvOCURujVUTuIqSgyfE4OlFg5dKIdPMSwRsph1NLG1RyQHWDHIHyhnO0dC5Nihry-KE8v00jWlUid4eL3qCji0MNHjGY7Oc3sY2irEMyOFxQYppAjbUDxTzTcr4PmzGbYpUY4KZ-TejcD5FlLKb_JPWyqfK1Nw1DAp7Cm-x1YhhcU1kd-udWAy5Qcw7l2aPt8afIbtD7w5U0fx79jYRHIRLvJVhb2hybVvpVXzmsL5i5ZhYnFWbpzKK8Sjl7DaXh8UEOyRck07IpgjwTVlPJDJUtsiSZbRjF1zzk7ajrLsYJwn-AZv8xLZDmKMLmI6BS_H9uoZ02ka6IvC_vQUANqp6rUjNx8h5qndwvLVFNN_CsHBauPCpRAh1C6LI4fW5u2sclKT5IWFgtze8IKFA9PhGbh-Hd0I4miuuOSjB5PFeuybr2o5t75iDM8YKldEeEsiWq2d_UWmClOyyocGym5944EwCwbrXWP_TU_LK2LRlw0XrHoZFVp7i5actQ9mYRETb55FtFEwPB27kKrf2Ep-ZiVOM7-FH3kbZrCcdCw7SILndXWMKkDbjpS7yTxSVMS8MtU6w3rC8JZaH-8LQZfb5oZItn-ZqEs6SCwDgyYreuA5mmcpLhD_aG9ImMeo79NQZmDg7uYHVRxEI3aiiEEeWqZTQG_luqA2XG0hA8LWireMzD-lYBqt3o8zu2ZKbdFZNMpKQHJFczzstzqzobzWt79pTSAZn0zdJLEZg84eecQH_poxBTQoEi7In9meNh1xvTrGoY62i68AGSnTmZWR9H1UaUt_7_fAsIBry8fKPiJ2ShCNh_Wl8lkSkHwlLq4gtRB-dcT2mTbk3gNe_GkTr-x5kg-AVWT_IheF8_wioOfCXwRdLAOOgnk1RZGOAtVT1jpZ7nJo0o1kxR0zxro3R2osV-5McWIhTKqR6qRTMIZhceBgvMAFcDB5k6bxvywcujbQDr61FYiNUwFqTXmsbGnMztcEHMGZFlmD4_qyIZbQWMpfvIoQv3YYjC6NHfdBfWUKxB2wFQrZW4SzjCNjUL1XChxhEseiSCNzd3UkFLq-2GgTufdq9LeBZc2Ey1yNDvQtTbf_nvYpKhzs5wAqTMRL2Xp6JrtVbwdJ9Wk5RNWFXEzqBOWSQD_jPQB83YLp26378791A9Quo0E1ye235BOvz5ysuO7P0ba3CdZcukS3UrXFU9lhnNAcM1zA_wXylAE-FiGaLk9WQ6GBzXHGs1lHo9WtfWcvInDZKxfNXMXFWRx0JHtSYPr6beLqD0UMBvE5sS4crujgRfIrSCTUNYupv72Tx2ZimEb8uWeolgbf2yU1txwrm7sicfKIZrjQqYGNU_lFJ3VELvzu5EktLBdpf_KN32ctUVk2Xom0cZcW3Lis9fhUtubR97TFILEqcyGHtjBMd-VM8yMzKLPfm0_pyscIM1STqu4u3uxYbDsiSzM5AzDUiRR3BXhv7by8MTAOXJ5_cwc-gf9D0pXbqFZEB9_A4Kde4CzyArVMdh-SKOLwzclpSpxN8VC-z4PG9osXPBnWsH_467MJwbk4kw4-tSeefQ&cid=CAQSTgDICaaNBe15WkDzhN3I39C8rtc4L4svWc69ScBBdzD8CZGIyh9QqY2MBPQNeHk4CjS-_tHcShF0a1PCxy1sfc58mbRalkz8pHDWuErqZhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.desidime.com%2F&ds=l&xdt=1&iif=1&cor=67845562542282100&adk=2086295851&idt=65&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aefa8d9159ef6a12a8aca0b453e83abbc11b6269fb936d8c3759676eff95d19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40618
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8C6C 0
0 56ms
54ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvUeE0kiJCtClVcBFpd8XoehVnrOgrW6d09XwrNJ25pytpcimMzZ_POj8red9wiqIU7KR2v9aJqgcQYFmERH7Ys9w0oiEDEdxxyzXxwg7Tbh8wQcMwqN_x28SrvEJy_HzjIMHrZdJnkpRGUmZ_uu0KhrFpdBWZGFTEl5oCVt0t917B94CFYAdlEkB0f3I7OUs0Oi1OAUbh93MXaiNXAVT440ZuLFeN4E5LKwcI5Dv7lXERRBHSm4mjesgtQKbq0jk4pZc1D867l77GEGxvbge37LsONhp850F88LyRgWDpvSyS-Xp8QjlZKdWkeOpG-OJiv3snpJ-1QkT_9au9dheCsmG8EEqCmDCF6dFT-Ie-iv97IpzZvkgHLxVHu2yODwGLhi_4B1EojpL2U-i5BANcrUUm-iVqzxc8AjaIMNeYHykvMJxgm-WsJI-q6Zsqu9Nlf_zKkfXrWhncfpH7AsHXC57YMfI93rTDuFB6FplvKJOGMYfxbsIXO6CX8FYFMrSy0K_RvwOZ2JlO-iYZQT4sUwAMozj8ztAFuXu9l3kP81-wq-TyvrtpHIFQBBzxeqsR8RPVmDmp0PxpyZm3AEFjoHp0qVWcQT7DI_KC5mH3aanlxUoe5TBDxId5j5E1NaJ-6kLtsmualqTgKDYKoIr4zYPHTgCB2_QSBpg63ZWO8uTg_I1UrItpj0qEbe79pkCzeEsMdxkwJgaF6hidMIZqLkV6GYPgBV4c3SMvZMvJEkP1LcDy6tJM67L8zj8srs28J-CZcUHYHr9M3CPn0UUvq9QicRxI4G88MAP9UvMAad4RDFIAXBueNzN5Dho9Ud50eFNq5UVUaEeeQP3DgrX1BNuhr5rWeyn410KYIfeB5ldL79u4nnRYPNeY-kHg5hQ8qJiSFptrUw3l1NKUe1cc3SN6NrEVU3nCoAQvV9_2x6TLRiFSL7RAVxwzlFE2tOtcbHeO07PNLKW4V55ybEVHLJYbxa7mXikkW-tzeGSG-Uf39SZYRLT16T-MCL5HBky2T5jk9E8L6e16Odm0WJzACCYXRAT93wEVBeQYyRsbDkwk2Q74-boKkzwAADL_BndYqz96sZjrpFfPXvmViQwT2giTd4g4yLLCm_SHgbBD-YEhr-xr_gyorIQvwAm8-ITz8Igq9FmkIcu5vQ5SNtUX0sgyQs9m87vejbneyRqohRpbfpyaxWBZCWABfQIUudfMcY--Gv0y5tjUtYxo4uo_zrGwPM3uzYL14-T_1X4c4THUEu4_0V1_itUzGCd51Ypvp3suKAnsgFgiR3WKA6pJRiqkX083dcfMwd0BH2aFUZD8Pd38Jtn3D8qFB2EloVhR1eCBNGTZv3bRQpcGosZX9RPCpe2n02ArAVoY&sai=AMfl-YTgDu5yV3FW-HRCXZfgapaPGx684049ZZjGWqpfjkNbEyHW657zXLHaDWPpcHmNgcxCVgQBtB96nTkt2x5ZN8vv7n6ohfSv1JlkbDZ5cK5AIAxhDARDIxJ1UdsXK2UOVVPcIaAgTLict-hlVGYsWwktxOYJkBhqw06FXA7AKcK9p5bpdOPWv27F81huyybvRxjiq1D4bS_ryj2F3EFeJccl3MkL9mp_MgeFp8pajcKU3U8XIEUtbbCZA-Oamb375E95l3FLKLVmwoE5Xw7Gyj4_tZIwY4Rwr52ebkdXtSnJHE7LOwsLaXKAJg0PCwEQ8ma9YAhMGrGArwq5nMYHLip7E687qqpB6BsGUFXC3ySMsCbvE0x4wisk7VzasQWxD7_52Q65xOjS1_PsIYHVcR2_5hTEL3InsTVGLD2xEmdJEW04pywFWBPTHUZuBhdtI_3hfoK7dFISJIHFP5lzsP5RE_jgzb9ShrsS1VMGAE35WFoN331NTDuEC_mtr_3LSLs12g&sig=Cg0ArKJSzEnb4hvNhO6OEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=680&vt=11&dtpt=396&dett=3&cstd=275&cisv=r20231109.43451&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DD4 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame E439 55 KB
24 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 16:57:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame E439 468 KB
188 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:26:55 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame DD17 55 KB
24 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 16:57:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame DD17 468 KB
188 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:26:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B72D 640 B
265 B 41ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
expires: Fri, 17 Nov 2023 00:52:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1DD4 172 KB
60 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Origin: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:16:58 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1DD4 7 KB
3 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1DD4 23 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DD4 41 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1DD4 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1DD4 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DD4 42 B
63 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTNNqsyuNRsFh2bvl8bWiPJ0uqQUwjnR-CqdVnThd-z7BAuGAjiUdZZn8JtPqH0VbFmgJjuhOmJRe1cUcjjZRS9tNwOTH_doBcccz5OpF2XwFuSDk

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DD4 203 KB
64 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1835641/76534654/ Frame 61DD 254 KB
76 KB 154ms
36ms Script
application/javascript 52.209.24.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1835641/76534654/skeleton.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6055132318164052&ias_chanId=1&ias_placementId=20785739509&bidurl=https://www.desidime.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0is13uphe-1FVROVJYmwdy-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXXrgiTaD9gjpSUrfsp6ouwcMTaDghikpDbAuAiC_kc3WVirDKsvXQr_O-tLizW7i7880WZjavU5r_wq-KlJsgz3mAoA2Dgnshm9S2x2WoYHc3v17UXA1cXz3cTpJAcyspQke75WCPS_i6pll0bJ2u2ZuoB8PUwiy5juXYGOvE_TvLhHI&dbm_d=AKAmf-BqvDb8-6fFMwTTqIk23cE56T9qndRb2GuCllTffJ7Pk7--vrR1mGLMVaO-dztsh6qFieZAkpmpHrZ8phvPzwijsne_uRheZ-1yVIbiXN4boM8aNR7EAQQiGXkU8zo7o52PbTkdcztweXFSUXR7joDsOgMpdnlQ7gaDZeKS3Rs-PfJNF3vlquAVQfBFY0KR2JNus0csd4t6iI2aeNG3mmJsr3vb7rF8pIGDXWGSaW6tEbazlSon9WQHPQVhz8-SAueCqmCyRoVMvsTFVn7ozsSXvEpdJ-nqwfj_pHtIXcqdDagOtVC59O-hRCpgFN-sHi-wH_xN-W-mJoZAQ_kdQgD5j7D13JHQWUbpxCTdMz-oOuoWRJAfRHX9Aai7ot7aV8nvfjd5llvbA7ylFBWhxpktpRsoQiXa4DMVDJaYWsRwAHeHGoFOCxnnGnoAI4gTnLVUDZBhha4_dcLAcPC6aG4ayFqSn-2WjrpE0aJhlGcDQmT_PLbX90fbon-QoBa7w20XCBZlE0EJd4bE_S3izY21EOS6P6lTbdW59Ph8kL9faaJy9ACtcQoFXyteBaRQV0POtQVCpUa-NzOrxHQXVYf7xbC1Gr54BWCqKz1LX9de4JhT1jw7O39MsnWERwXxTeIz6tMdEOuZSjadrXiMX_q_O2r2VBRSCmOChTm8-024h5JC8oxNKyCM-fF__PMQ7dMG789iG0wXL39wXLsGN0NlXvuhIV8Q7CYpFlVgeb5q7-q9fV_FI9a4I4KY2x8VSeGAtD7PVNsF58902AVF24CyMiIipeto_zFwIDDvS67lOQtvSHHVS2_2DwS-kRWbX-IhEhUONZMtG6y0uJPeaxB6u3sUp3xMmJAZjCRxHxkKu8moM4NaqiTgaCM1WVCqcbXYrnmnDgjx6Qsc90CwPg9_P9Yo9KymbzoUVs2rVbckmhMOhM2Jf0MyfnWQ-i6zDIsZ_jROqkOxHVwXEIuEcB2B9kmAbIp54mcvD9CecOw5VrHnD1v1M2SW5d6uxPNEbAjYvsbYR2-_LJ3t2YCSI_xsojfQygxm9QUwnM9Ze1nGHyaK6ET3q7TLDtltv2fYVzUnGcUyKV5hF5zhYbDIwhKSeS3g3LIYCsXyaQBLO10RbvqAeYdCbNpIrD5J1nakI0XAmWjYz8omsjwiB_rG7am20tNvmeEnrSguijoFeZwk3mSj7RJErRtj6HYEz0PRLm0r4BkwQYk_0yBCu-zQAtolEu9dj6dagt3gTIWUxZmZ3dwLWvlG0QqZ-41b4VuHdk2Ktl3894v-MPiAlkXdybZnJVe38xz_wyWgSKn166pF3YLmcf1h3tTCeCAzw0ALaiQKPYi7tUr1BIlOKyENwPSYT8q9BtYcJYToS0rxwSfUVtJnQPq6_gQTYpirPSDTpRzFYhH_Rt9zG0UXSBt9Sl1etlsM4j5r7Zel_VIkgYA-dEtuFQfpfCa9HkG8t9g2j9yxQJRhBuJN4leMP8iYIZqadPYJNOOzCuP25fwcLT0XcfDIR57ZllqZ7ELm2ZonXc2UrbUQkLqcJmJ-si-YVIwoAwOcveevctaELlsxF9vBb5VljQNMfxYdgXHfW_Owbro8w0tc_QeG6z4nHxx_bCK0KLCJTBcIwP5Y51upJx3YW-Qf073nRkm9quekZSTfB51izfaICo8FSwRYYEpmNbB5SW1kFZNQYOCPZA-3Yg46UlDaoSpuOpLXN4BW59M1e__vFRas0-Ixi7ozSmoTrfny7hxc3_TA5J9wKyy1LIAA54FjpG1OrYKbOC7LmzYtSBNUCOpJ90RYTVn1-2T1-JO8GSqprJQhmzXJJghpTh6s3rCAVR8Jy7QQcMcPYPfH3f5zpcJQCmrX2ykwNQ0JywCiAYwAS5XOmrs3KHDNKJMPV9B53hM_K9xpCjJOR8Il8WfW80eQc-m2-SOJ6uW0oBuWuZn0boANu-ot4CI430HNedyQ6LZr1ZmcI0kaQVxZDvn4ajyDg86zNIoYX4cO7RDwbnYk0wx16IVv5iFCUDWgiTcqgRw2zXQTNWJ0pY3LjzOxAI9mFQa39FgVkq4x0yIF1Irc7xDB0t13u3MeHntM-3eKyCNDXF9oKnBVq7sR_e9NP842CKiXlCqLQYJTk9bCWGndbEV3N_ljAVrOlvTkvEr6WnX8mIZciiBP6f57gl_SHtdUl4BeCTLFSmgf2a3puSIo7GKOIAJU-WXen4CC5gZibhHeTkoAFocJrqPvOCURujVUTuIqSgyfE4OlFg5dKIdPMSwRsph1NLG1RyQHWDHIHyhnO0dC5Nihry-KE8v00jWlUid4eL3qCji0MNHjGY7Oc3sY2irEMyOFxQYppAjbUDxTzTcr4PmzGbYpUY4KZ-TejcD5FlLKb_JPWyqfK1Nw1DAp7Cm-x1YhhcU1kd-udWAy5Qcw7l2aPt8afIbtD7w5U0fx79jYRHIRLvJVhb2hybVvpVXzmsL5i5ZhYnFWbpzKK8Sjl7DaXh8UEOyRck07IpgjwTVlPJDJUtsiSZbRjF1zzk7ajrLsYJwn-AZv8xLZDmKMLmI6BS_H9uoZ02ka6IvC_vQUANqp6rUjNx8h5qndwvLVFNN_CsHBauPCpRAh1C6LI4fW5u2sclKT5IWFgtze8IKFA9PhGbh-Hd0I4miuuOSjB5PFeuybr2o5t75iDM8YKldEeEsiWq2d_UWmClOyyocGym5944EwCwbrXWP_TU_LK2LRlw0XrHoZFVp7i5actQ9mYRETb55FtFEwPB27kKrf2Ep-ZiVOM7-FH3kbZrCcdCw7SILndXWMKkDbjpS7yTxSVMS8MtU6w3rC8JZaH-8LQZfb5oZItn-ZqEs6SCwDgyYreuA5mmcpLhD_aG9ImMeo79NQZmDg7uYHVRxEI3aiiEEeWqZTQG_luqA2XG0hA8LWireMzD-lYBqt3o8zu2ZKbdFZNMpKQHJFczzstzqzobzWt79pTSAZn0zdJLEZg84eecQH_poxBTQoEi7In9meNh1xvTrGoY62i68AGSnTmZWR9H1UaUt_7_fAsIBry8fKPiJ2ShCNh_Wl8lkSkHwlLq4gtRB-dcT2mTbk3gNe_GkTr-x5kg-AVWT_IheF8_wioOfCXwRdLAOOgnk1RZGOAtVT1jpZ7nJo0o1kxR0zxro3R2osV-5McWIhTKqR6qRTMIZhceBgvMAFcDB5k6bxvywcujbQDr61FYiNUwFqTXmsbGnMztcEHMGZFlmD4_qyIZbQWMpfvIoQv3YYjC6NHfdBfWUKxB2wFQrZW4SzjCNjUL1XChxhEseiSCNzd3UkFLq-2GgTufdq9LeBZc2Ey1yNDvQtTbf_nvYpKhzs5wAqTMRL2Xp6JrtVbwdJ9Wk5RNWFXEzqBOWSQD_jPQB83YLp26378791A9Quo0E1ye235BOvz5ysuO7P0ba3CdZcukS3UrXFU9lhnNAcM1zA_wXylAE-FiGaLk9WQ6GBzXHGs1lHo9WtfWcvInDZKxfNXMXFWRx0JHtSYPr6beLqD0UMBvE5sS4crujgRfIrSCTUNYupv72Tx2ZimEb8uWeolgbf2yU1txwrm7sicfKIZrjQqYGNU_lFJ3VELvzu5EktLBdpf_KN32ctUVk2Xom0cZcW3Lis9fhUtubR97TFILEqcyGHtjBMd-VM8yMzKLPfm0_pyscIM1STqu4u3uxYbDsiSzM5AzDUiRR3BXhv7by8MTAOXJ5_cwc-gf9D0pXbqFZEB9_A4Kde4CzyArVMdh-SKOLwzclpSpxN8VC-z4PG9osXPBnWsH_467MJwbk4kw4-tSeefQ&cid=CAQSTgDICaaNBe15WkDzhN3I39C8rtc4L4svWc69ScBBdzD8CZGIyh9QqY2MBPQNeHk4CjS-_tHcShF0a1PCxy1sfc58mbRalkz8pHDWuErqZhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.desidime.com%2F&ds=l&xdt=1&iif=1&cor=67845562542282100&adk=2086295851&idt=65&cac=0&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.24.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-24-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3b351d6c02f7062e6ffe712735163b292db9785ca9bfd01b4ebbd731818938e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 61DD 31 KB
12 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXXrgiTaD9gjpSUrfsp6ouwcMTaDghikpDbAuAiC_kc3WVirDKsvXQr_O-tLizW7i7880WZjavU5r_wq-KlJsgz3mAoA2Dgnshm9S2x2WoYHc3v17UXA1cXz3cTpJAcyspQke75WCPS_i6pll0bJ2u2ZuoB8PUwiy5juXYGOvE_TvLhHI&dbm_d=AKAmf-BqvDb8-6fFMwTTqIk23cE56T9qndRb2GuCllTffJ7Pk7--vrR1mGLMVaO-dztsh6qFieZAkpmpHrZ8phvPzwijsne_uRheZ-1yVIbiXN4boM8aNR7EAQQiGXkU8zo7o52PbTkdcztweXFSUXR7joDsOgMpdnlQ7gaDZeKS3Rs-PfJNF3vlquAVQfBFY0KR2JNus0csd4t6iI2aeNG3mmJsr3vb7rF8pIGDXWGSaW6tEbazlSon9WQHPQVhz8-SAueCqmCyRoVMvsTFVn7ozsSXvEpdJ-nqwfj_pHtIXcqdDagOtVC59O-hRCpgFN-sHi-wH_xN-W-mJoZAQ_kdQgD5j7D13JHQWUbpxCTdMz-oOuoWRJAfRHX9Aai7ot7aV8nvfjd5llvbA7ylFBWhxpktpRsoQiXa4DMVDJaYWsRwAHeHGoFOCxnnGnoAI4gTnLVUDZBhha4_dcLAcPC6aG4ayFqSn-2WjrpE0aJhlGcDQmT_PLbX90fbon-QoBa7w20XCBZlE0EJd4bE_S3izY21EOS6P6lTbdW59Ph8kL9faaJy9ACtcQoFXyteBaRQV0POtQVCpUa-NzOrxHQXVYf7xbC1Gr54BWCqKz1LX9de4JhT1jw7O39MsnWERwXxTeIz6tMdEOuZSjadrXiMX_q_O2r2VBRSCmOChTm8-024h5JC8oxNKyCM-fF__PMQ7dMG789iG0wXL39wXLsGN0NlXvuhIV8Q7CYpFlVgeb5q7-q9fV_FI9a4I4KY2x8VSeGAtD7PVNsF58902AVF24CyMiIipeto_zFwIDDvS67lOQtvSHHVS2_2DwS-kRWbX-IhEhUONZMtG6y0uJPeaxB6u3sUp3xMmJAZjCRxHxkKu8moM4NaqiTgaCM1WVCqcbXYrnmnDgjx6Qsc90CwPg9_P9Yo9KymbzoUVs2rVbckmhMOhM2Jf0MyfnWQ-i6zDIsZ_jROqkOxHVwXEIuEcB2B9kmAbIp54mcvD9CecOw5VrHnD1v1M2SW5d6uxPNEbAjYvsbYR2-_LJ3t2YCSI_xsojfQygxm9QUwnM9Ze1nGHyaK6ET3q7TLDtltv2fYVzUnGcUyKV5hF5zhYbDIwhKSeS3g3LIYCsXyaQBLO10RbvqAeYdCbNpIrD5J1nakI0XAmWjYz8omsjwiB_rG7am20tNvmeEnrSguijoFeZwk3mSj7RJErRtj6HYEz0PRLm0r4BkwQYk_0yBCu-zQAtolEu9dj6dagt3gTIWUxZmZ3dwLWvlG0QqZ-41b4VuHdk2Ktl3894v-MPiAlkXdybZnJVe38xz_wyWgSKn166pF3YLmcf1h3tTCeCAzw0ALaiQKPYi7tUr1BIlOKyENwPSYT8q9BtYcJYToS0rxwSfUVtJnQPq6_gQTYpirPSDTpRzFYhH_Rt9zG0UXSBt9Sl1etlsM4j5r7Zel_VIkgYA-dEtuFQfpfCa9HkG8t9g2j9yxQJRhBuJN4leMP8iYIZqadPYJNOOzCuP25fwcLT0XcfDIR57ZllqZ7ELm2ZonXc2UrbUQkLqcJmJ-si-YVIwoAwOcveevctaELlsxF9vBb5VljQNMfxYdgXHfW_Owbro8w0tc_QeG6z4nHxx_bCK0KLCJTBcIwP5Y51upJx3YW-Qf073nRkm9quekZSTfB51izfaICo8FSwRYYEpmNbB5SW1kFZNQYOCPZA-3Yg46UlDaoSpuOpLXN4BW59M1e__vFRas0-Ixi7ozSmoTrfny7hxc3_TA5J9wKyy1LIAA54FjpG1OrYKbOC7LmzYtSBNUCOpJ90RYTVn1-2T1-JO8GSqprJQhmzXJJghpTh6s3rCAVR8Jy7QQcMcPYPfH3f5zpcJQCmrX2ykwNQ0JywCiAYwAS5XOmrs3KHDNKJMPV9B53hM_K9xpCjJOR8Il8WfW80eQc-m2-SOJ6uW0oBuWuZn0boANu-ot4CI430HNedyQ6LZr1ZmcI0kaQVxZDvn4ajyDg86zNIoYX4cO7RDwbnYk0wx16IVv5iFCUDWgiTcqgRw2zXQTNWJ0pY3LjzOxAI9mFQa39FgVkq4x0yIF1Irc7xDB0t13u3MeHntM-3eKyCNDXF9oKnBVq7sR_e9NP842CKiXlCqLQYJTk9bCWGndbEV3N_ljAVrOlvTkvEr6WnX8mIZciiBP6f57gl_SHtdUl4BeCTLFSmgf2a3puSIo7GKOIAJU-WXen4CC5gZibhHeTkoAFocJrqPvOCURujVUTuIqSgyfE4OlFg5dKIdPMSwRsph1NLG1RyQHWDHIHyhnO0dC5Nihry-KE8v00jWlUid4eL3qCji0MNHjGY7Oc3sY2irEMyOFxQYppAjbUDxTzTcr4PmzGbYpUY4KZ-TejcD5FlLKb_JPWyqfK1Nw1DAp7Cm-x1YhhcU1kd-udWAy5Qcw7l2aPt8afIbtD7w5U0fx79jYRHIRLvJVhb2hybVvpVXzmsL5i5ZhYnFWbpzKK8Sjl7DaXh8UEOyRck07IpgjwTVlPJDJUtsiSZbRjF1zzk7ajrLsYJwn-AZv8xLZDmKMLmI6BS_H9uoZ02ka6IvC_vQUANqp6rUjNx8h5qndwvLVFNN_CsHBauPCpRAh1C6LI4fW5u2sclKT5IWFgtze8IKFA9PhGbh-Hd0I4miuuOSjB5PFeuybr2o5t75iDM8YKldEeEsiWq2d_UWmClOyyocGym5944EwCwbrXWP_TU_LK2LRlw0XrHoZFVp7i5actQ9mYRETb55FtFEwPB27kKrf2Ep-ZiVOM7-FH3kbZrCcdCw7SILndXWMKkDbjpS7yTxSVMS8MtU6w3rC8JZaH-8LQZfb5oZItn-ZqEs6SCwDgyYreuA5mmcpLhD_aG9ImMeo79NQZmDg7uYHVRxEI3aiiEEeWqZTQG_luqA2XG0hA8LWireMzD-lYBqt3o8zu2ZKbdFZNMpKQHJFczzstzqzobzWt79pTSAZn0zdJLEZg84eecQH_poxBTQoEi7In9meNh1xvTrGoY62i68AGSnTmZWR9H1UaUt_7_fAsIBry8fKPiJ2ShCNh_Wl8lkSkHwlLq4gtRB-dcT2mTbk3gNe_GkTr-x5kg-AVWT_IheF8_wioOfCXwRdLAOOgnk1RZGOAtVT1jpZ7nJo0o1kxR0zxro3R2osV-5McWIhTKqR6qRTMIZhceBgvMAFcDB5k6bxvywcujbQDr61FYiNUwFqTXmsbGnMztcEHMGZFlmD4_qyIZbQWMpfvIoQv3YYjC6NHfdBfWUKxB2wFQrZW4SzjCNjUL1XChxhEseiSCNzd3UkFLq-2GgTufdq9LeBZc2Ey1yNDvQtTbf_nvYpKhzs5wAqTMRL2Xp6JrtVbwdJ9Wk5RNWFXEzqBOWSQD_jPQB83YLp26378791A9Quo0E1ye235BOvz5ysuO7P0ba3CdZcukS3UrXFU9lhnNAcM1zA_wXylAE-FiGaLk9WQ6GBzXHGs1lHo9WtfWcvInDZKxfNXMXFWRx0JHtSYPr6beLqD0UMBvE5sS4crujgRfIrSCTUNYupv72Tx2ZimEb8uWeolgbf2yU1txwrm7sicfKIZrjQqYGNU_lFJ3VELvzu5EktLBdpf_KN32ctUVk2Xom0cZcW3Lis9fhUtubR97TFILEqcyGHtjBMd-VM8yMzKLPfm0_pyscIM1STqu4u3uxYbDsiSzM5AzDUiRR3BXhv7by8MTAOXJ5_cwc-gf9D0pXbqFZEB9_A4Kde4CzyArVMdh-SKOLwzclpSpxN8VC-z4PG9osXPBnWsH_467MJwbk4kw4-tSeefQ&cid=CAQSTgDICaaNBe15WkDzhN3I39C8rtc4L4svWc69ScBBdzD8CZGIyh9QqY2MBPQNeHk4CjS-_tHcShF0a1PCxy1sfc58mbRalkz8pHDWuErqZhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.desidime.com%2F&ds=l&xdt=1&iif=1&cor=67845562542282100&adk=2086295851&idt=65&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:03:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 61DD 11 KB
4 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:12:43 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61DD 0
0 122ms
63ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_pyS5LF-iT-Ztgz2l6wChS4di4SsjYGV6-3ClLPmHWkD5X6gsGdS74e3FzPUnVHaRnXb-k18EaI-vURe_clW45H0edsu5YaVQ1uokDEZQu8Qk7EnG67S1kWXgv3jnDeEA9TYi0tj48oRdvZWM6X0dot9-WZ9r9818yW_jdKU9s6I5A8Xnpyi-jutAka_DFXLYp8JnkB5_OJLioGjAkYrl4BkQVjyVcT78PX57thpaN4RCAxvLUed973wWs735oGaE8IcTfFFqWpakV_zvzxoJcd-w-lgn2hz--80XDHPv-y6qHuuQPS7C_LDZfdwK1NjoL6TrCngB1r9i-wEx4ZaJdDuH0l81D4aDVsaJzdbBIVYZSqgcmOkPd0bHk_TasMKmV07wW9xNSjmQsqvXwP07piUgsoSzNR-aLwL4YzHQPEsY6Q8sy-jTS4-QvGoqkniu8NjDkLM9FcJPS5ZeCaGacWP64uJclOp9oy1-OsmuWm-8iZx8geI-GDhI6JHlErTEFzAcfPuYC_7AhsRXwAHjFB_8pVq19r363p56EXirMjh-1ThkAK6ycEK-3Z52fs3ED5XEBRS9g8z6lni4lVUu8ElNPnG_bNHtZv0a0z6vYaCacDNhJDzephukSJu5ex18IfWK3VZMK64c-mSiqSqmxTzD4Q8lC7rbwNVb-rv9QvFvzxwSAVMxnm8CS-uR8RhXYaK0O1D6WLhbbgsd1H4t07KGRLss4KpDUWtyNgmMsaElpyPO__WZI4jDz1zSHCt1m_5TTvntDwgCUxLHAkEgsqzRaAw_yvoGmeZtmYQMVUf0GJgq7NXiNPUZISO2BeF492FLYwkkHhJJWOv6VB_CMTeNQII_EGrT6ShwqBDW6aAKerNe2dgjPRTv0kR5V1_JppBov8-7-ze9Y6Lz2hiQJqJ_p4rqDywY3GvMKRzp6KkpE9PV3yKjDjv8466CmkXM5J58Bl6BPO6GP1PGepcpRH4kZEk084MOHjdq8cuSHZ0Zak5WnyOUKtngimx1nIxDZSU7OrhlGRIAWjeUjRwyJ_JBN2Z9hxSMKVhTf-t6g_AVFQqEtPcwed8qGbAqK-hYTAT51h5vo-bA08uYrro9zDlI0UhXJ01tT_AdwrwDNnI5JyYMICl8E-R3RrVpP4ShGn-75eDjc4DN3vV_Yb0S2h_IGzjWNZ85xVwqv-L7H4kdW5cRmaQvhyBZs9Y5_okCWgEutMpmVxAeoMHDKLBiasR_d5urbLbndbaCzdHVuQCORBrgSyvx0vgpCo5fETcjlH4avT6uPTIq3A76UMSxWAwzUmdc0_33cvhoXoBbcGnAqVOXq-io8hHMdujBWIiGVKMqIkfqQAAoFhUlSmTgSKpC&sai=AMfl-YQzOHRRqLZFb0NYUc254uutszBwbxD_G9DLbGewwuwzUL2GgZNhuaAp96iGo14p3Y8j1jrMq5A-7CUpw2TXuOg4k9lcBBVPqCWvTPxt353C_rxuYmplM5joruELNcFBBLpVlbBnGKE05RqU3edwjXIWX_3pJlIaT_SALH24ZkpL8TkmMG2deCwoWXaycVXyzT-hfwuR1oS6--5niM0WftRurpT_hEdzQAol2TosJx9uPQiwlSVGL5Gmv4IEczM3KUWiWSrTcG0mVKkXLzL0CF19QNmmP5CWPpfJxA&sig=Cg0ArKJSzOH72N8ULRhVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.31345&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 61DD 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 15480152141350477397
s0.2mdn.net/simgad/ Frame 61DD 30 KB
30 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15480152141350477397

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5d039a85d79c67d60d3ae23e78432165e6e2fd3cf200241dfb6829355cc376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:18 GMT
x-content-type-options: nosniff
age: 5122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30229
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 12:04:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:27:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 76A6 8 KB
6 KB 43ms
35ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12356035dc2252194e136f03de5c8c877afbd6184e17aa8953aa9a444a1b7117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0

GET
H3 200 60005582_20230915074512859_728x090_LOOK_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 76A6 21 KB
21 KB 21ms
14ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915074512859_728x090_LOOK_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79dd53057726b936a1a09830544378d4cb92c4af2832e0ada32e7af918a62ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:47:10 GMT
x-content-type-options: nosniff
age: 18330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21627
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:45:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 19:47:10 GMT

GET
H3 200 60005582_20230915065039736_728x090_LOOK_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 76A6 22 KB
22 KB 26ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915065039736_728x090_LOOK_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c6f2f0602a218e0c6d67f9212c4c73094d8cc03e0883f25259bbb821c926745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:42:24 GMT
x-content-type-options: nosniff
age: 65416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22076
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:50:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:42:24 GMT

GET
H3 200 60005582_20230919053955990_728x090_LOOK_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 76A6 20 KB
20 KB 28ms
21ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230919053955990_728x090_LOOK_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f61bca281d4dc1ac70c21fb71708e39da7947085ef38868e92e7b37ab0f3db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=XQ6U901j6t&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:30:23 GMT
x-content-type-options: nosniff
age: 12137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20913
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:39:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 21:30:23 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 76A6 43 B
608 B 60ms
21ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_380084403_145341330_PO2803A20230922&ref=30943227_4307561_380084403_145341330_PO2803A20230922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 1282270
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Mon, 16 Oct 2023 12:55:26 GMT
Server: cloudflare
etag: "2b-607d4eb83ab80"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 19488550
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8273fe08595718c1-FRA
Expires: Sat, 16 Nov 2024 00:52:40 GMT

GET
H2 200 cropped3432479863073283004.jpg
cdn0.desidime.com/avatars/1313491/thumb/ 278 B
592 B 49ms
40ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/avatars/1313491/thumb/cropped3432479863073283004.jpg?1693838693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170f20cb6368dbdb0080a957887bfe920952d3c26bdbf4be8bb03087351c7285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 7b082441eaf35142a6f7785a74fb7a50.cloudfront.net (CloudFront)
x-amz-version-id: 8d9AOoAFh3eI1yfKjJfuX7AQK0R6niu8
cf-cache-status: REVALIDATED
x-amz-cf-pop: AMS58-P1
cf-polished: qual=85, origFmt=jpeg, origSize=1161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="cropped3432479863073283004.webp"
content-length: 278
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Sep 2023 14:44:57 GMT
server: cloudflare
etag: "9f9a94b9120e485ecedad26836960d76"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe0829121e50-FRA
x-amz-cf-id: 7PBVlc3efNY9bBLwvAvSgQfIPJH8pHkbXEnmZhJeAERL94Cw1XFZ4Q==

GET
H2 200 missing.png
cdn1.desidime.com/avatars/default/thumb/ 2 KB
2 KB 27ms
18ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.desidime.com/avatars/default/thumb/missing.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e47cc7f7eaff0ada95459a7290a5cb4d311b790cd1a248d2d5ef940cad12ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 2
cf-polished: origFmt=png, origSize=5353
x-cache: Hit from cloudfront
content-disposition: inline; filename="missing.webp"
content-length: 1554
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Sep 2015 11:24:48 GMT
server: cloudflare
etag: "42ed1970a2bcf041085a7e1e906dbc54"
access-control-max-age: 30000
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: https://www.desidime.com
vary: Accept
access-control-allow-credentials: true
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe0829131e50-FRA
x-amz-cf-id: B-SxZ-5sTCC91uDB515xgKKD1cx5IW94KKmtGYrRqSgu3OlBdxLZ3A==

GET
H2 200 cropped1625031481.jpg
cdn0.desidime.com/avatars/1317271/thumb/ 520 B
897 B 44ms
36ms Image
image/webp 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/avatars/1317271/thumb/cropped1625031481.jpg?1672250406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 181168367c31e81b46f326e9a846fea75b8009696720bb5ce21a5dfdea0eb97a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront)
x-amz-version-id: 0MMN9w.uqhMi1AllVkdiQ_Mh.J85f7Ee
cf-cache-status: REVALIDATED
x-amz-cf-pop: AMS58-P1
cf-polished: qual=85, origFmt=jpeg, origSize=893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="cropped1625031481.webp"
content-length: 520
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 18:00:10 GMT
server: cloudflare
etag: "48ce668c6d0414e42c811cf7ce0cabd7"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8273fe0829151e50-FRA
x-amz-cf-id: xuKoUovmIl3bykkLEHRaZIWZTQawGUoDaV4XrWhcrG1Fd81NvAyz_g==

GET
DATA 200
OK truncated
/ Frame 61DD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b09240b4428831f1e61c9516508103d4777648f2708003045bec2cab3fc06af1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B72D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrNbS9oUBVpzOvhw-8pyYw&google_cver=1

43 B
114 B

25ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrNbS9oUBVpzOvhw-8pyYw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrNbS9oUBVpzOvhw-8pyYw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B72D 43 B
304 B 63ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B72D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ7qrKdBxHh9KdxDpMNebVY&google_cver=1

23 B
163 B

50ms
49ms

Image
image/gif

23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ7qrKdBxHh9KdxDpMNebVY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE
Protocol: H2
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 00:52:40 GMT
pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ7qrKdBxHh9KdxDpMNebVY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B72D 23 B
163 B 110ms
53ms Image
image/gif 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYqoHo4gEwAQ&v=APEucNVFwce5tEo1inMBUi7c5IPkXmmWNJ3N0NkjcwYcjkIdaSBPmrFO6YCDWlp3vUgcQISQbG-bg3NrFStTGWEx-YQmSZeAfQQP62fu-6juAWrybEUvYeVfS-RrM8yJ32zf3c4gPY6gShppnuziIf6npDvBL2wSPtqFByFPhoM4IdHksmWRkXE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 00:52:40 GMT
pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61DD 0
0 53ms
53ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_pyS5LF-iT-Ztgz2l6wChS4di4SsjYGV6-3ClLPmHWkD5X6gsGdS74e3FzPUnVHaRnXb-k18EaI-vURe_clW45H0edsu5YaVQ1uokDEZQu8Qk7EnG67S1kWXgv3jnDeEA9TYi0tj48oRdvZWM6X0dot9-WZ9r9818yW_jdKU9s6I5A8Xnpyi-jutAka_DFXLYp8JnkB5_OJLioGjAkYrl4BkQVjyVcT78PX57thpaN4RCAxvLUed973wWs735oGaE8IcTfFFqWpakV_zvzxoJcd-w-lgn2hz--80XDHPv-y6qHuuQPS7C_LDZfdwK1NjoL6TrCngB1r9i-wEx4ZaJdDuH0l81D4aDVsaJzdbBIVYZSqgcmOkPd0bHk_TasMKmV07wW9xNSjmQsqvXwP07piUgsoSzNR-aLwL4YzHQPEsY6Q8sy-jTS4-QvGoqkniu8NjDkLM9FcJPS5ZeCaGacWP64uJclOp9oy1-OsmuWm-8iZx8geI-GDhI6JHlErTEFzAcfPuYC_7AhsRXwAHjFB_8pVq19r363p56EXirMjh-1ThkAK6ycEK-3Z52fs3ED5XEBRS9g8z6lni4lVUu8ElNPnG_bNHtZv0a0z6vYaCacDNhJDzephukSJu5ex18IfWK3VZMK64c-mSiqSqmxTzD4Q8lC7rbwNVb-rv9QvFvzxwSAVMxnm8CS-uR8RhXYaK0O1D6WLhbbgsd1H4t07KGRLss4KpDUWtyNgmMsaElpyPO__WZI4jDz1zSHCt1m_5TTvntDwgCUxLHAkEgsqzRaAw_yvoGmeZtmYQMVUf0GJgq7NXiNPUZISO2BeF492FLYwkkHhJJWOv6VB_CMTeNQII_EGrT6ShwqBDW6aAKerNe2dgjPRTv0kR5V1_JppBov8-7-ze9Y6Lz2hiQJqJ_p4rqDywY3GvMKRzp6KkpE9PV3yKjDjv8466CmkXM5J58Bl6BPO6GP1PGepcpRH4kZEk084MOHjdq8cuSHZ0Zak5WnyOUKtngimx1nIxDZSU7OrhlGRIAWjeUjRwyJ_JBN2Z9hxSMKVhTf-t6g_AVFQqEtPcwed8qGbAqK-hYTAT51h5vo-bA08uYrro9zDlI0UhXJ01tT_AdwrwDNnI5JyYMICl8E-R3RrVpP4ShGn-75eDjc4DN3vV_Yb0S2h_IGzjWNZ85xVwqv-L7H4kdW5cRmaQvhyBZs9Y5_okCWgEutMpmVxAeoMHDKLBiasR_d5urbLbndbaCzdHVuQCORBrgSyvx0vgpCo5fETcjlH4avT6uPTIq3A76UMSxWAwzUmdc0_33cvhoXoBbcGnAqVOXq-io8hHMdujBWIiGVKMqIkfqQAAoFhUlSmTgSKpC&sai=AMfl-YQzOHRRqLZFb0NYUc254uutszBwbxD_G9DLbGewwuwzUL2GgZNhuaAp96iGo14p3Y8j1jrMq5A-7CUpw2TXuOg4k9lcBBVPqCWvTPxt353C_rxuYmplM5joruELNcFBBLpVlbBnGKE05RqU3edwjXIWX_3pJlIaT_SALH24ZkpL8TkmMG2deCwoWXaycVXyzT-hfwuR1oS6--5niM0WftRurpT_hEdzQAol2TosJx9uPQiwlSVGL5Gmv4IEczM3KUWiWSrTcG0mVKkXLzL0CF19QNmmP5CWPpfJxA&sig=Cg0ArKJSzOH72N8ULRhVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&vt=11&dtpt=112&dett=2&cstd=0&cisv=r20231109.31345&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 76A6 17 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9D6 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 89ED 1 KB
767 B 55ms
55ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
expires: Sat, 16 Nov 2024 00:52:40 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1DD4 0
0 61ms
58ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssYAvOavcd7skOyErhBgPvCDmXxnrnVwdWqSzB_HnDpt1-TU3kqrTmz7qS23C5Qi-IaPEGxOG21l305eP0lUwSQMBQSn9yXiNxVOBpIZPw765B5ViRQLui05q0UmW5QWd1qMGFstzhXC1bH2LmHpPljJd40zIJIAJCqlQdgFeKkREookfPt5HBUEe_HRDrE2qz26x7fwTWeT4fAXUzcHST0He7WXcpJ35mgUqqWVsRbQNy-VvjKaBqZoQQZcgRMlEQken-XKCIqsEmyGKf9E7yWe_eBIT0rRI4_HtPHMyoSjyOZrH3zZvwNA-ZlRZE4LeNOIPbNgNhMR6ynuzrb2CfkbUJhGvF5FgV9cNb6evtjxCGWcjiphZmxkk2aFTe7UkyqtI5u7GrQzclS5y54lcbs_l9XtVmvZduJDMQILYK6p2luK-SspyIJKSH9TPycFRk_l838O69OEt06kVU0lfKFiJgko3xkgs6vsmQ64DSGGKYU5kUnNNUAb38YS5qvoqMdeheSgE8SYlPDtSgXoBN52mCytLbq3IyBY3iyzLIuu9LPRJIR8zZss1We3phgbszZJZaTxje8F8KQCbzRdYbt5vWQsBaafvF0EimEqYMra_3hs8emoxQE7E3bw0rzbklzbtTy___MhYUlvkVUVVHsRY4JsvrlKmi-5Npl2KqLdb7qk5qrzcm7IwV-5PIJ88ejg5L87hgnbyF3I2uHrLuHAOhH3fO_3YlOuV_IIuP-w8RDkbrucDjYQSr0L1fSna-OZzCAsUCMbqBfuAqrM6xXvVjSfNLeDHVTxB7CnsXiTZ2z-YUtgWAM8V54S9ENAlf5WhclUxbQdHzyP_fIu1jx9Z0qlaiDt2a2wGxq8TlH-_aoNVMOzeEF_yPbXaFUJaiGxOJolJ5C6NRU42XUqvitDvWkPItWHOuJw7AFUdEkpXfeZ_yryMlJI5i8zdACDaSdd6CEqPuAySoJPy9KQ3Az8ZM1GsiqDFi_g-RHW2fYUSykDceqgsv0F0cAfb8T0m18pNHtisaBolJ5leDmy9LA5so29mUaLNErLNZJ1yR9nmaI3DTQYkYeKbLzYLbVlCANC79ey60jN8ckN8VjwYggHSD7ORon6vpsDk3wK-qdkRAaVgYrBGcQS0ODdjZIqBvX5cUbMTILWsGT7w88DQ41kHSDzFJqKAL24lKmwl9oJIzkPUvQ2lUqE-o77QmHw-Rm1xQhcRD-AZlQNz7WZIxkfqbFpLPjwJp60FO9D6Q3h_G3dC20x55GOpbQXenK2qvvN-Jd0EJjSLCH85lUSjj1hOloxcdYzKBd_orNZHHF7a2_Pl2nYo9iwJ4rvOi2eLI71u2VTAAyFCyv2S1E3cCIMY--g1mfSd2EK5vj_qHfomhvOCtJyksaOkhiQJ29ig&sai=AMfl-YTDP_lskl7T9WF3OMm7PwFp_ubxMoCvWChEZ-QG25zWogiY4x3RFiLWxjePEm1N9naoE-8rP1EAhBaftqJ3I19MzR0UBRv3KnLivVlbFvEAi9_n2bB9JBwwLIknGNyc1PR8hrmCOGuWZwX9Y7DoYIEwo8AJjI2v7hUo3RRKlPpkbAlWzsOoXtQOV2gE_-SG7Fw80Bis5tIkxjlNcGVwd-ATcV1sgKgdDTDxq8qGBv5vOqD5v5qnFsSYlK2mOEmSdu1COp-zAnSb5df5lvq7fIZgTvAKdC5qWbVREl131C0SZT_PpRgIW9z2C1IjL_-WqezSPfPQbA2FjTitUW6YkLdJq3h828NbhQm-7G_geyITT1vvr0BCV6I5Cbbc0zpUGoKhj52CrqcrLkTaSlMQme5TYCoot3O2vnWYrGtjvoXwjQ8nTGtWBDqPLzirZnHLEA6Xg1ZpHu68hY12ZlFys50k2hSLyM6MgiglHJuhoGf3mru0X0-9MLOhC3Hl01LxthqoL3P_3LWpVQ&sig=Cg0ArKJSzGLThwWjK96rEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=173&cisv=r20231109.66368&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 1DD4 43 B
1 KB 149ms
20ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577748&gdpr_consent=&gdpr=

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 17 Nov 2023 00:52:40 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 17 Nov 2023 12:52:40 GMT
X-ET-Code: 11
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1DD4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 686f616dbb9b491667dd4f1d4e651581e23d5c53c2c846a6260f0e05eb413f80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C4D2 38 KB
13 KB 17ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9B6F 466 B
235 B 52ms
49ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPa9aT_mEDWxyPCIMPXQkOwi3f-O7G-nnYE15RGoBP86qXZOGsw_505sIbGkdnTqvWXr8BlpgKiPSFy8ldy8rLl_NE7Cf7lLIFEjSV92LwhJS2MoENExacoeFTF8_WFdpQloO4XwurfizLLwf6UTsuzq9XjE5rWKp8727-mdzHwB0wdKk

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F9D6 89 KB
31 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D6 42 B
63 B 61ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALWUJvKm9fht5otdtTxgJLfcCuMUyi5Ve5oU1wDdfvRYlaho1JCJ8vgKBlucx2UBB8JW4rkfuH2D-mXDkXf_ByRqdIo8j4JiWJSQxmIOHa4x1df8A

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D6 0
20 B 61ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=53031148875484825&x=1&ct=77

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9D6 3 KB
1 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9D6 20 KB
8 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9D6 203 KB
64 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6EA8 38 KB
13 KB 45ms
44ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 717o-TLNjb-L-AC-UF894-1000-QL80-FMwebp.webp
cdn0.desidime.com/topics/photos/1694381/medium/ 5 KB
5 KB 36ms
36ms Image
image/jpeg 104.22.9.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.desidime.com/topics/photos/1694381/medium/717o-TLNjb-L-AC-UF894-1000-QL80-FMwebp.webp?1700133350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.9.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb26f37f705a8d60ef5f1c38943f03016da40df5659b0c439e27dbb624071a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
via: 1.1 9bc84c94880403a2bdfe0bc8f1800e4e.cloudfront.net (CloudFront)
x-amz-version-id: oMHFIJxJ3Hp9EnR1I3rpm6H2nxHyMDSb
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P1
age: 39360
cf-polished: status=not_needed
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4828
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Nov 2023 11:15:53 GMT
server: cloudflare
etag: "0069a2245ec6051b6d5f988e6eedff3d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315576000
accept-ranges: bytes
cf-ray: 8273fe0969d21e50-FRA
x-amz-cf-id: AtrByGpfH1w0GzquctUcdne2E9YqD4yH7G9EP00twCDhW9qBqrikIQ==
expires: Fri, 28 Oct 2033 03:26:55 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 89ED 113 KB
38 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 89ED 118 KB
40 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:26:57 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F91 39 KB
15 KB 34ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 61DD
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1835641/76534654/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6055132318164052&ias_chanId=1&ias_placementId=20785739509&bidurl=https://www.desidime.com...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_WLlWZeKSC8-QjuwPkqaYqA4&cbFunctionName=goog_wrapCb_WLlWZeKSC8-QjuwPkqaYqA4&true_pb=

1 KB
1 KB

16ms
15ms

Script
application/javascript

2600:9000:223f:2a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_WLlWZeKSC8-QjuwPkqaYqA4&cbFunctionName=goog_wrapCb_WLlWZeKSC8-QjuwPkqaYqA4&true_pb=
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:15:34 GMT
x-amz-version-id: 5yD0MD0xvY5qMDPlbaeccRZIQga4BLlQ
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 268627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 13 Nov 2023 22:15:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: f8GvtCKT7s1O_JX2TrZQs26TBccK0X-BxZ0-BdjjDKe8e4lJYVJtYg==

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_WLlWZeKSC8-QjuwPkqaYqA4&cbFunctionName=goog_wrapCb_WLlWZeKSC8-QjuwPkqaYqA4&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 669E 91 KB
23 KB 83ms
12ms Script
application/javascript 2600:9000:223f:2a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4927410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: tNRs0Sn0sr4Hx89pHu6WC8YhZkvpEGV2BYfuymj4CHA5hJje5SGuog==

GET

partner
sync.search.spotxchange.com/ Frame 9B6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPrRk0mpP6pAP2pqHAIwJDk&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 9B6F 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 9B6F 0
125 B 77ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUPa9aT_mEDWxyPCIMPXQkOwi3f-O7G-nnYE15RGoBP86qXZOGsw_505sIbGkdnTqvWXr8BlpgKiPSFy8ldy8rLl_NE7Cf7lLIFEjSV92LwhJS2MoENExacoeFTF8_WFdpQloO4XwurfizLLwf6UTsuzq9XjE5rWKp8727-mdzHwB0wdKk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 591ms
181ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyz9,pingTime:-3,time:93,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:93,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35%7D&br=c
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 587ms
181ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyza,pingTime:-6,time:94,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:95,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35%7D&tpiLookup=ao:www.desidime.com*&br=c
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D6 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3639685916978&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D6 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3639685916978&version=m202309260101&ct=77&x=1&cor=53031148875484824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F9D6 20 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTWdmSWQ0Wnm-Edw3BM75DWRxofRy7-ASdiItwWx0DI9CjBT5uy1FeDCZ_omo9PoDNLE4m_KNlUnX7mEgDwhyGP5q-szp09i6Th08yaZrZatxJB6EcNedyorekmbWoi6j3Egdgj_x_rNPFrpNJrVeg7mzKjTkkDFIT4GDEKiIqGjsof10&cry=1&dbm_d=AKAmf-DzJGUs1gigZwwY8afV9Bel2yAlQEgHveodGUIFUG3N9pqGSUKLJkGxNVX7Mgv6DVFTFX2IxtDrGAUBZbeWk40bPxD5c009wnf_hh6Ap-DS4sIWFjqO_Q2Se2Ifzxr_tXIdn8mWlJrOSUg6kT9aS2fhWoW3jwWuWwkvL2p_O-um1kcQ5xHz5GIYYqFusQIgZmZtXarEtQ0fzrLO3UU61vfJv-hcjnlBQa-IhYLrXTlIxa-LW8AGKFDo5zif_7UuIIjpB4NcBlF3_ABRKBEwvvRtknG8A8dFLxcX7ASPlDEMRQwbhWdY41srFPjTBBpvjzy02VPoNtXZKBMA4CbG0vS9toTmP9Lpwa0jCGc63gtYlpJ4ovcvDFj7tnWOEC9QK509cWIyUOnEnH2p1Fx6U2xz_jFwZh92fjkpFNZH3qPqmqERPxmQOOlyqkQWqKSp7HSD6iqo_2M6B09m7isqtrQE_cQKL572Brk5AVTVDAn6chSokldTQV0Dv4sonCNzHVJ1nJvXB0IftWeeRUkjFyf7xlyPRtbs9DRpX5e6tQjs-k0Jl0B-DPp5sMBXUf-nlkgJqr55CLRLUqild16dIXQ6ojjaXLEcVEyoPmmbAyB8mBqORpCtgUpEJFq7q8RPCUGv7hL9HZcnsoqGYftgBb3eotWUvk3HVmdrOHqIfxe6jN1eIE_N9c_ukWRap4n8DgU9wyI6RkAfLFpA0uWATPuEuGDOsi7dvFaQ1vaOouflHbO6hby36Aid0aOvIZfq8BcBLKxwjVEtKnrVR8TGeqmAR6YpIALzibIN42l8vkBuKDJWE1k25h-5LEzdI7ZnfT18aMbyaR7_282H4NZOhA-UuRxxJiXDA7i4TUBqhZJumGESZmjUMY2iR6lyKMFHgXC5Xb7_HjuVUjdfaL6xXkaKbS0uweZ9A5ngdblG9As-ojabpiDbWgC8pQSuYIac_j1hp-f0WPtJQNUL29Irn1AQcu1nkO6WpaRhyAYTMGkeuoPCqseqZYW6DG8jfqf54DPmnQu44yynjUY7qn4CeEVH8jX6Hvsa6VCaWA69fYFCufEGeTCD5G_R1WoosIpQOP7_rT7ZfwYHpEQbVM34Axcm8MuK17Dmv76nFjWT2roY7X1Md92GsuOYaFEZCr3PywmY_Q99Q5OEmWMtj5JU6qzfayaHk1iZ6zYH2RU5mRIgv42Yga4mVhIYLlHfiPaOMOZLh3hoOcZNWu6lFvJfrGUDxVAV4WVUJbiNLhPM4nt4R4TPJegZIrv1HGehc70MWn8ZyI1lVhB1939dH3wSFJJM5dMREHq58BBVqmN7jZ05g0KwU7oAL-2o2cAWnf8ri1K8gCfQT7QUu9ZczcCGnOA5k4K8rr_exWfsgX78Cnj1qk6THVKSp0rI_gfEAOyqUF7pVXu8Y4530SGK67TZh_76KPoLRCa-5ZZKd9OBG7Zr--9ud4goNn06DlGP1DHsonkEx5GKZdsHblrc0bG3C2-Icb1__tUUys0IgkjKEeuRlQ88xYameqkIcje7Lg7xq7L8LbPNb9erLDeu7qp64oAggPO-Rey7XOJyPH_Bpo07tMKIE8p48A7dH0rR5QKpnJUWRf7TmHbpA-rZszYjyevmLo9sTRWsRRLrcnD4c6Aiwe_ehuD7pyOHvNwfnJviqkeuU_R6SKYo3Qxm3iXKlue0cudJwtL6aynjddSRe1vACaPO95ujsxY9NR7OcaZ954uSCFF2ISLbJNbWwEwtFTjliG-z3T_JtIkjbRf7Uvylgl6hPsbRxIV8xPdelsY-skIJCsDVDwuHmdf5wLEr0YjjcKUVkefHwZ5YFS6axJiQ4m_572v14bhVWXyxDuQLeCikg_QG1aEEW4lBrXdb7NlKYOLcGw2i0J6EG20W_M5SgemKUKwZBY7wK5Ai8O_sOxI7E_vxbyVBk5MuasVnB-hjfy4ZjcrhVbgmZWzREuP_Hnje4uQyJs2KCJDSFJG8-xx5jQGJ1mAvOnqga96cL585WQ7yYyv8q3YY4DqFJWs-05j-yhU_kQ52pZDcrC6M_Ko09mI5j1oGaGOHK-IqCrL3mw-cJLZhIaQ4QWvGbAX-2Od9SVw1yudQxDyDpOiBIDp3-sUqg66a6bkD0ULK4PoIas8DQ9xE2PHr48ss1hjQSpLatFIbQIjbTmwy4gB_wiU1ftGbB48nz6BlbRR2pbjp7xkbNh_WWDgWRnQWa2RFbBx3tj0kn8I8Ft3J605rThvAAP9UjyLKaW3c7jf2gMzFC6t7scEe9EMM4YdBlf-kNzaO2gr3XX9T8Kb65LDKSb_LTgIs5aVxXkOg71eMwiBMaqui0hriEkso_HixD5ST3PKolcTfdVdFxiDdoxTa1kbDng3LLpfiHjveIPhiP-FoZS67I757wu_g4LMJ8dYCpblhhMvLwCKrJ3WfAyfDYK2aPn9--F9tj4cfhq2-E-8F1EZfKH60Sog9RVTTSNcxNmkLcwLQ6p92Qq_qRJqNEpQAlAcWBtijIsLoENQgZuuebq5hIAEbNFZzNbCIdLaNpoMmZiVq5daAVRQca1ThEfjILmvHTnzkHmyFRKFVhw8AtfyB-c4HX5wUj6mgp-Acuciw3aM9zFmEP3jwtIUF6UGOB3og1edMHFD2bGlD-KbpOKp7pJ1KobZ-B1ChH3BggS4XSMiOfAHLcpUUi5F4pZEb6JSzg6LMWWrQ6fVqdzrchxXDLdxX5wYIDAqQ7FoQ_x4haMcMi5GAeYf9KJVOR_bq31yjfiOXBMbIWNjRwpIvZGGckQ6xDEiIVXY9b9dPLUtlOnZ-GUTIZYUFuzIOY83H9wMOP9978_m_doSyGb0HPal7eNyClh6wczmDoVXyk6ii3cHtNvzVWMMOZfA_xfUVVpU5_Dgz13crlTBveVUVHodDyMuWtL5JoevOhXEfSuzvvmqzZmaVpyo0__6ZlGNUJagiA6vAqrkbcgYLCZzo7hWvOPawZvgpPgCQowAmv1ly0UPpEIRsQBbnkSi8FbOt1xaHgBio_xYX8jGqD0QtTJIfmO9rWVL6ynBtxCJmkSl0N2d5LaXVfIS3RO9jQFAVXCF_HnQYH33fAHXoXNnvw08ZAdD2OrLDty2tsSEpKyvGdr_UYXxcA3TjMZeHDFL2ON8qLx_VJ6bGLo3vVPOuYb41zefFqTEcM5rnsIW_wLnh5DMn8zgf22IjzFJqxx_KVYGIP2rqL6aVLhbPq0T3iK1PXxfu4L4Ube7xTLvNqBBFpuYZ6qh4cV8llJLiMvP-JieW2LaIAQdRekl-VTrPwtpya43E7n8xAYJlCc_Wuq_UJ95E5hLeMMumnPIRLEmdrXHZgrUiyQgDkEPi3GbfZxOVoi5Gm5fbQMjXVQl_wSeTydsMCZz9XeOfmIlVvV20fPdvqqqGCf3-SgUbwTLgaW3tvUZwAe3v-J2RbP75cGgLfbkwksFK21KHMrMKQp8DfUamOMYq6pjJgH5FpyOZRWricmQ-tAYLij3pb8Ny1X-93lQOUKDjX7yCOL0ZZmVE9x1aU0iNlQ_NAF0UpRZqjAiL7uU1G0JKy2Xvcv6GsvPXQbEWOldeeLrmjPfMEJwfXHg3p0GW21frIq2kuzDNkgE3QhyF7MAeqhcRiGf4gMvXX9kk_vj9ybSLGug1JJphhyW9YKyRsxjq815KV_etdgI2lC5ibLTZlydCh8Ar_NU-MSkwT45UGdnJXMCEdCnV_SZJ4sAcEMR9-6BWEy8wR0ub0IWh7AFzusKq9dtxYAnAPcoBJlUgon9RaB-H2hc0G6USKcRo-TfJJjgHp1rUhDpOWxRmXUoHfsMvsTzzQVMg-td2XJB5rVG4QCFiZgntCso6&cid=CAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.desidime.com%2F&ds=l&xdt=1&iif=1&cor=53031148875484824&adk=1033480531&idt=66&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2882a3a7dc6b58a10a3f54f8512a5eaa9eb2c4c6229c5daa2006f2b057151601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
216 B 557ms
180ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyzG,pingTime:-2,time:126,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:759,beZ:761,mfA:764,cmA:766,inA:766,inZ:770,prA:771,prZ:787,si:794,poA:795,poZ:815,cmZ:815,mfZ:815,loA:854,loZ:856,ltA:885,ltZ:885%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:126,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:35,sinceFw:90,readyFired:true%7D&br=c
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C4D2 39 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D073 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bim0qVrlWZYCMNe2S7_UP4dqT8AEAAAAAOAHgBAI&bg=!T0ylTAPNAAZxrfrxUa07ADQBe5WfOBZqsjMXzBiaRKxGzFWERldK_QMG-if1Axr38U2BUSw0l_5HVPVuoL71Rp4zAVrBAgAAAhVSAAAABGgBB5kDF0fRiAlnHjjjQsMPkE91bCsPSnbLZWWLyKfnjMC1eVOcmL4LrwSFdALMC_gJ9TElEXI7-zaAfI9hMqRTJwnkF6x6uWEWWSivxa115m_fF7Fpi3vvTJZWD4aw37Z-EynJntEQCucOeifcCzbh8lednoqa7OL42i9iZ6n7gSu620vKbmHil32xKI-M1GRRUlE-7YAtGSUik6HfaSDRdFT8qSMBjVzALUszAcYVO4nBaz_iyToVSH6tkf42ZdCq-r_b43gq4rKRUNj3SCgmfBhdMdm36zFrXgNSpQ9WJ8bYfITRqFsKvMtA2rcxYd5KDRtj7dFQ0bSfb4FWeROwsbZIwnN8T6gJkeg8iX1jaSY58t-KgiZFAACe5pqX6AckevhHag4jsc9GOVt0nXCfb6iePa4S5zuEwuw6vtN9A_cc8PRjGWtc_DYnpa_0hd--BNJfJhY6GPqmFN_Rk41a82sAoHkgWFq50sPiSf4bXtcC2osUJ_-89LoQA4uV2J6ToDjqikgjmOlodFbcT41x79p8FTVt5MEut6UBhRuQ3MyfR2MmPX4K1Dr6YVDvupuwoQaeLCcKCji6txNRp88Sh20fy0pW8eNsLxvCC1qBS9O_HWkvNKDrKkA37HbpscYLTyB-AYZtGXSOc_UZz9Qgw5hyEr4kKAYM-L0WIlEDbFQ8NmL2R9bxdLpLsrLn5e7y-e_GcHVZPg9NfzlyeSkIXz07kbWW_b5LdKjvShuVADumsUiiRAqzTYVXI4TAe29X_uKGHBV7EC04cRErDomzfHlvtkffhn1g-KdBGcb9XHsnoKsYr_py2WzXCsLt-af33ONw-r6ZpJJDmx4PYRSfZDdfcd_u42mjJwnwJ4N4lkxu0gOGKsxfRkm9uvLRJ6lIrQL5FlhCvqkEdG1f3tOxiasfD77hE0hN2d3auLLJqyzr_jNHcrO19YLqzKAA-UTyEIe6WCeuS-7Kpi6JCuvNRL-66UyrRWOBNZsGwTzmQawVUdGo5FpnE3PHQyUZwCzz7s1xkvGNVBs_KWsNOLJso9odOHm2vRmP4HqM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E439 42 KB
25 KB 143ms
143ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

beb00bdb9cbcab1ef9208b676e6ef39354940886d39cd4c351be25bff9467f4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EA8 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8790 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1DD4 0
0 93ms
93ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssYAvOavcd7skOyErhBgPvCDmXxnrnVwdWqSzB_HnDpt1-TU3kqrTmz7qS23C5Qi-IaPEGxOG21l305eP0lUwSQMBQSn9yXiNxVOBpIZPw765B5ViRQLui05q0UmW5QWd1qMGFstzhXC1bH2LmHpPljJd40zIJIAJCqlQdgFeKkREookfPt5HBUEe_HRDrE2qz26x7fwTWeT4fAXUzcHST0He7WXcpJ35mgUqqWVsRbQNy-VvjKaBqZoQQZcgRMlEQken-XKCIqsEmyGKf9E7yWe_eBIT0rRI4_HtPHMyoSjyOZrH3zZvwNA-ZlRZE4LeNOIPbNgNhMR6ynuzrb2CfkbUJhGvF5FgV9cNb6evtjxCGWcjiphZmxkk2aFTe7UkyqtI5u7GrQzclS5y54lcbs_l9XtVmvZduJDMQILYK6p2luK-SspyIJKSH9TPycFRk_l838O69OEt06kVU0lfKFiJgko3xkgs6vsmQ64DSGGKYU5kUnNNUAb38YS5qvoqMdeheSgE8SYlPDtSgXoBN52mCytLbq3IyBY3iyzLIuu9LPRJIR8zZss1We3phgbszZJZaTxje8F8KQCbzRdYbt5vWQsBaafvF0EimEqYMra_3hs8emoxQE7E3bw0rzbklzbtTy___MhYUlvkVUVVHsRY4JsvrlKmi-5Npl2KqLdb7qk5qrzcm7IwV-5PIJ88ejg5L87hgnbyF3I2uHrLuHAOhH3fO_3YlOuV_IIuP-w8RDkbrucDjYQSr0L1fSna-OZzCAsUCMbqBfuAqrM6xXvVjSfNLeDHVTxB7CnsXiTZ2z-YUtgWAM8V54S9ENAlf5WhclUxbQdHzyP_fIu1jx9Z0qlaiDt2a2wGxq8TlH-_aoNVMOzeEF_yPbXaFUJaiGxOJolJ5C6NRU42XUqvitDvWkPItWHOuJw7AFUdEkpXfeZ_yryMlJI5i8zdACDaSdd6CEqPuAySoJPy9KQ3Az8ZM1GsiqDFi_g-RHW2fYUSykDceqgsv0F0cAfb8T0m18pNHtisaBolJ5leDmy9LA5so29mUaLNErLNZJ1yR9nmaI3DTQYkYeKbLzYLbVlCANC79ey60jN8ckN8VjwYggHSD7ORon6vpsDk3wK-qdkRAaVgYrBGcQS0ODdjZIqBvX5cUbMTILWsGT7w88DQ41kHSDzFJqKAL24lKmwl9oJIzkPUvQ2lUqE-o77QmHw-Rm1xQhcRD-AZlQNz7WZIxkfqbFpLPjwJp60FO9D6Q3h_G3dC20x55GOpbQXenK2qvvN-Jd0EJjSLCH85lUSjj1hOloxcdYzKBd_orNZHHF7a2_Pl2nYo9iwJ4rvOi2eLI71u2VTAAyFCyv2S1E3cCIMY--g1mfSd2EK5vj_qHfomhvOCtJyksaOkhiQJ29ig&sai=AMfl-YTDP_lskl7T9WF3OMm7PwFp_ubxMoCvWChEZ-QG25zWogiY4x3RFiLWxjePEm1N9naoE-8rP1EAhBaftqJ3I19MzR0UBRv3KnLivVlbFvEAi9_n2bB9JBwwLIknGNyc1PR8hrmCOGuWZwX9Y7DoYIEwo8AJjI2v7hUo3RRKlPpkbAlWzsOoXtQOV2gE_-SG7Fw80Bis5tIkxjlNcGVwd-ATcV1sgKgdDTDxq8qGBv5vOqD5v5qnFsSYlK2mOEmSdu1COp-zAnSb5df5lvq7fIZgTvAKdC5qWbVREl131C0SZT_PpRgIW9z2C1IjL_-WqezSPfPQbA2FjTitUW6YkLdJq3h828NbhQm-7G_geyITT1vvr0BCV6I5Cbbc0zpUGoKhj52CrqcrLkTaSlMQme5TYCoot3O2vnWYrGtjvoXwjQ8nTGtWBDqPLzirZnHLEA6Xg1ZpHu68hY12ZlFys50k2hSLyM6MgiglHJuhoGf3mru0X0-9MLOhC3Hl01LxthqoL3P_3LWpVQ&sig=Cg0ArKJSzGLThwWjK96rEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=481&vt=11&dtpt=302&dett=3&cstd=173&cisv=r20231109.66368&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame DD17 42 KB
25 KB 82ms
82ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2519d7573fb6aec9094fce2df8d65667ee21a320e4e2dc38421f886030e5cc32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F9D6 41 KB
14 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTWdmSWQ0Wnm-Edw3BM75DWRxofRy7-ASdiItwWx0DI9CjBT5uy1FeDCZ_omo9PoDNLE4m_KNlUnX7mEgDwhyGP5q-szp09i6Th08yaZrZatxJB6EcNedyorekmbWoi6j3Egdgj_x_rNPFrpNJrVeg7mzKjTkkDFIT4GDEKiIqGjsof10&cry=1&dbm_d=AKAmf-DzJGUs1gigZwwY8afV9Bel2yAlQEgHveodGUIFUG3N9pqGSUKLJkGxNVX7Mgv6DVFTFX2IxtDrGAUBZbeWk40bPxD5c009wnf_hh6Ap-DS4sIWFjqO_Q2Se2Ifzxr_tXIdn8mWlJrOSUg6kT9aS2fhWoW3jwWuWwkvL2p_O-um1kcQ5xHz5GIYYqFusQIgZmZtXarEtQ0fzrLO3UU61vfJv-hcjnlBQa-IhYLrXTlIxa-LW8AGKFDo5zif_7UuIIjpB4NcBlF3_ABRKBEwvvRtknG8A8dFLxcX7ASPlDEMRQwbhWdY41srFPjTBBpvjzy02VPoNtXZKBMA4CbG0vS9toTmP9Lpwa0jCGc63gtYlpJ4ovcvDFj7tnWOEC9QK509cWIyUOnEnH2p1Fx6U2xz_jFwZh92fjkpFNZH3qPqmqERPxmQOOlyqkQWqKSp7HSD6iqo_2M6B09m7isqtrQE_cQKL572Brk5AVTVDAn6chSokldTQV0Dv4sonCNzHVJ1nJvXB0IftWeeRUkjFyf7xlyPRtbs9DRpX5e6tQjs-k0Jl0B-DPp5sMBXUf-nlkgJqr55CLRLUqild16dIXQ6ojjaXLEcVEyoPmmbAyB8mBqORpCtgUpEJFq7q8RPCUGv7hL9HZcnsoqGYftgBb3eotWUvk3HVmdrOHqIfxe6jN1eIE_N9c_ukWRap4n8DgU9wyI6RkAfLFpA0uWATPuEuGDOsi7dvFaQ1vaOouflHbO6hby36Aid0aOvIZfq8BcBLKxwjVEtKnrVR8TGeqmAR6YpIALzibIN42l8vkBuKDJWE1k25h-5LEzdI7ZnfT18aMbyaR7_282H4NZOhA-UuRxxJiXDA7i4TUBqhZJumGESZmjUMY2iR6lyKMFHgXC5Xb7_HjuVUjdfaL6xXkaKbS0uweZ9A5ngdblG9As-ojabpiDbWgC8pQSuYIac_j1hp-f0WPtJQNUL29Irn1AQcu1nkO6WpaRhyAYTMGkeuoPCqseqZYW6DG8jfqf54DPmnQu44yynjUY7qn4CeEVH8jX6Hvsa6VCaWA69fYFCufEGeTCD5G_R1WoosIpQOP7_rT7ZfwYHpEQbVM34Axcm8MuK17Dmv76nFjWT2roY7X1Md92GsuOYaFEZCr3PywmY_Q99Q5OEmWMtj5JU6qzfayaHk1iZ6zYH2RU5mRIgv42Yga4mVhIYLlHfiPaOMOZLh3hoOcZNWu6lFvJfrGUDxVAV4WVUJbiNLhPM4nt4R4TPJegZIrv1HGehc70MWn8ZyI1lVhB1939dH3wSFJJM5dMREHq58BBVqmN7jZ05g0KwU7oAL-2o2cAWnf8ri1K8gCfQT7QUu9ZczcCGnOA5k4K8rr_exWfsgX78Cnj1qk6THVKSp0rI_gfEAOyqUF7pVXu8Y4530SGK67TZh_76KPoLRCa-5ZZKd9OBG7Zr--9ud4goNn06DlGP1DHsonkEx5GKZdsHblrc0bG3C2-Icb1__tUUys0IgkjKEeuRlQ88xYameqkIcje7Lg7xq7L8LbPNb9erLDeu7qp64oAggPO-Rey7XOJyPH_Bpo07tMKIE8p48A7dH0rR5QKpnJUWRf7TmHbpA-rZszYjyevmLo9sTRWsRRLrcnD4c6Aiwe_ehuD7pyOHvNwfnJviqkeuU_R6SKYo3Qxm3iXKlue0cudJwtL6aynjddSRe1vACaPO95ujsxY9NR7OcaZ954uSCFF2ISLbJNbWwEwtFTjliG-z3T_JtIkjbRf7Uvylgl6hPsbRxIV8xPdelsY-skIJCsDVDwuHmdf5wLEr0YjjcKUVkefHwZ5YFS6axJiQ4m_572v14bhVWXyxDuQLeCikg_QG1aEEW4lBrXdb7NlKYOLcGw2i0J6EG20W_M5SgemKUKwZBY7wK5Ai8O_sOxI7E_vxbyVBk5MuasVnB-hjfy4ZjcrhVbgmZWzREuP_Hnje4uQyJs2KCJDSFJG8-xx5jQGJ1mAvOnqga96cL585WQ7yYyv8q3YY4DqFJWs-05j-yhU_kQ52pZDcrC6M_Ko09mI5j1oGaGOHK-IqCrL3mw-cJLZhIaQ4QWvGbAX-2Od9SVw1yudQxDyDpOiBIDp3-sUqg66a6bkD0ULK4PoIas8DQ9xE2PHr48ss1hjQSpLatFIbQIjbTmwy4gB_wiU1ftGbB48nz6BlbRR2pbjp7xkbNh_WWDgWRnQWa2RFbBx3tj0kn8I8Ft3J605rThvAAP9UjyLKaW3c7jf2gMzFC6t7scEe9EMM4YdBlf-kNzaO2gr3XX9T8Kb65LDKSb_LTgIs5aVxXkOg71eMwiBMaqui0hriEkso_HixD5ST3PKolcTfdVdFxiDdoxTa1kbDng3LLpfiHjveIPhiP-FoZS67I757wu_g4LMJ8dYCpblhhMvLwCKrJ3WfAyfDYK2aPn9--F9tj4cfhq2-E-8F1EZfKH60Sog9RVTTSNcxNmkLcwLQ6p92Qq_qRJqNEpQAlAcWBtijIsLoENQgZuuebq5hIAEbNFZzNbCIdLaNpoMmZiVq5daAVRQca1ThEfjILmvHTnzkHmyFRKFVhw8AtfyB-c4HX5wUj6mgp-Acuciw3aM9zFmEP3jwtIUF6UGOB3og1edMHFD2bGlD-KbpOKp7pJ1KobZ-B1ChH3BggS4XSMiOfAHLcpUUi5F4pZEb6JSzg6LMWWrQ6fVqdzrchxXDLdxX5wYIDAqQ7FoQ_x4haMcMi5GAeYf9KJVOR_bq31yjfiOXBMbIWNjRwpIvZGGckQ6xDEiIVXY9b9dPLUtlOnZ-GUTIZYUFuzIOY83H9wMOP9978_m_doSyGb0HPal7eNyClh6wczmDoVXyk6ii3cHtNvzVWMMOZfA_xfUVVpU5_Dgz13crlTBveVUVHodDyMuWtL5JoevOhXEfSuzvvmqzZmaVpyo0__6ZlGNUJagiA6vAqrkbcgYLCZzo7hWvOPawZvgpPgCQowAmv1ly0UPpEIRsQBbnkSi8FbOt1xaHgBio_xYX8jGqD0QtTJIfmO9rWVL6ynBtxCJmkSl0N2d5LaXVfIS3RO9jQFAVXCF_HnQYH33fAHXoXNnvw08ZAdD2OrLDty2tsSEpKyvGdr_UYXxcA3TjMZeHDFL2ON8qLx_VJ6bGLo3vVPOuYb41zefFqTEcM5rnsIW_wLnh5DMn8zgf22IjzFJqxx_KVYGIP2rqL6aVLhbPq0T3iK1PXxfu4L4Ube7xTLvNqBBFpuYZ6qh4cV8llJLiMvP-JieW2LaIAQdRekl-VTrPwtpya43E7n8xAYJlCc_Wuq_UJ95E5hLeMMumnPIRLEmdrXHZgrUiyQgDkEPi3GbfZxOVoi5Gm5fbQMjXVQl_wSeTydsMCZz9XeOfmIlVvV20fPdvqqqGCf3-SgUbwTLgaW3tvUZwAe3v-J2RbP75cGgLfbkwksFK21KHMrMKQp8DfUamOMYq6pjJgH5FpyOZRWricmQ-tAYLij3pb8Ny1X-93lQOUKDjX7yCOL0ZZmVE9x1aU0iNlQ_NAF0UpRZqjAiL7uU1G0JKy2Xvcv6GsvPXQbEWOldeeLrmjPfMEJwfXHg3p0GW21frIq2kuzDNkgE3QhyF7MAeqhcRiGf4gMvXX9kk_vj9ybSLGug1JJphhyW9YKyRsxjq815KV_etdgI2lC5ibLTZlydCh8Ar_NU-MSkwT45UGdnJXMCEdCnV_SZJ4sAcEMR9-6BWEy8wR0ub0IWh7AFzusKq9dtxYAnAPcoBJlUgon9RaB-H2hc0G6USKcRo-TfJJjgHp1rUhDpOWxRmXUoHfsMvsTzzQVMg-td2XJB5rVG4QCFiZgntCso6&cid=CAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.desidime.com%2F&ds=l&xdt=1&iif=1&cor=53031148875484824&adk=1033480531&idt=66&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE4MjM2MDcyNTIyOAogIHNlcnZlcl9pcDogMTM1Mzg2NTg3CiAgcHJvY2Vzc19pZDogNDI3ODkyNzEzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F9D6 0
23 B 60ms
53ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDE4MjM2MDcyNTIyOAogIHNlcnZlcl9pcDogMTM1Mzg2NTg3CiAgcHJvY2Vzc19pZDogNDI3ODkyNzEzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzA4Mjc2MjQ0NjE5NjAyMDk4NwpkZWJ1Z19rZXk6IDE4MzUyMDU4NzI5NzQyMDg3OTQ1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0xNyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5e5b09cb561a004f0000000000000000","13":"0xcdd198c6cac28eb30000000000000000","14":"0x209ad700d2a89cf60000000000000000","15":"0x1b04566e41f0b1510000000000000000"},"debug_key":"18352058729742087945","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"13082762446196020987"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 89FB 398 B
225 B 44ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYkfrV_QEwAQ&v=APEucNUO162C_FDYIyMFeatrgeBJy2O-ZG48qNluvPyqPUkyvOAh9rUjXGdv_xpOVvYDTJ5MIYIVGwCkwugE5rXi1vFypdUMqIDyppOuAwfrwttUGaIwmuza8wd19gOmRcZEjDmfLNfJv84b80L25vBbYP3q0CnJcQfIBZMs-PbfD6i5QNdEMTw

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:40 GMT
expires: Fri, 17 Nov 2023 00:52:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8790 172 KB
60 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Origin: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:16:58 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 8790 7 KB
3 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8790 23 KB
9 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8790 41 KB
14 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8790 3 KB
1 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8790 20 KB
8 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8790 42 B
63 B 64ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0jojgoDJ6Ad9gNAT5f0ZugwFmsyagBmS4PIY3bDU3-rSfjcCJl-Tpbvr5E1gxkY849K0b5gyrQkI-Z4AUjg1NN_c8dOTIZS18uBS-6hbG7ZhZckY

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8790 203 KB
64 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:40 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame F9D6 11 KB
4 KB 59ms
13ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1700182359969149&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e228703387f214989b7598cdb704b5f8a77d9ebdb73d5cfe5de845286a46538c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4185
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 89ED 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 00:59:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 89ED 8 KB
6 KB 36ms
35ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947ab94f87a0aaed3d91c687869f43276efe65d58c5115684cf8d2ee98ad6afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5887
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=2965325553841341&bg=!sbKlsv3NAAZxrfrxUa07ADQBe5WfOMZJG5lBD65cNZVFwbt6Sc3r7Sv5-SjfWPHGaSL7Y8q8KVYyunB__FArhimShIjqAgAAAnVSAAAABGgBBwoAd27o5JKUsWWjrDf7zlNFKUmOhGRK0uEz5p0eGhodSiUCW7O2YCD6D58TS-AYNeMw0RQIatdovISN651sk4_dzfXqrL8ySoNt_ARDMJZCEyj5DLmgAFSWQHYl4LcyI1Z80aHcd9SMXX6GEpcK0DP1UQLNSf0eGKwpmQK33sqGfBjwm6T3F0iwF9gyKM3McDPDGgQS4p4-LeXSr1xqt6tUeDNvrNXYNcULMccFdswYnq0JBg6c0jP9g1b4U7O28tNey6jO4DxpobBnymwkSlec225usFTQ9pNQfuBchxL3LpS9ENY2Cunkan9iUdkw7KOyOBcpHy9rscSZ7x1YTcCwxQLJIiMAUdDdsrf80V6kQ30XPURxvy47tlxNaMY2TCDStwp1vw9aIGIo6Kvq8jUMROlHKnXNFsVxluZZonmbtTc6rYlPOaEkGaIi7BgyQWj7_skvBcGNEpTXU7qSXA9Zk5eJPZnDbOZZw97Sx5fXOHyTB0Ptr2hw8CqC6mRehgY5D6OCLZfsvigVH3h8VhEewxMWKECeVdDOHftdDDZEEC662MmipebGGhntxmMxj5RkmrkwcSw9kiqjM6TmTUv7MWN2JnBsXjohRzBl_qZCovTsSmCGAWrvTqHmCGXcBVD38VK5dnD7Z8dABiT6aBf9yZyS7Vt3tJPzEsKk_mGgm8F8RQk7pA_IYanysJfOAP_p1XTPtWmaNJXEYxgTTVkHK1RoWUBQZCdwHLsOjxi364BO4k6u4hB-kTB-LLYIlB-JSFgsSJLi49kZj24QgrIdHfMVXl6D7ZUq4T6pyKm8riCXAfyoyBMuP-BMjbyjRRqrQAAU_BFjaKcLWiKnT9tdTF5btjCu-SCEr5kAdFMWSfU9h8wv1BMTWLpmHjvALXeTlahvYwByvQ5ZDB9dpQd4-v4YvkGJJFLm2wT2G42B4Vc2e5gaea5y4cpiN5HgOVBZKhSpqNVsUp3K_tKYOMCZ1tnEAT0iVVR_BHWnTutC3Ml-2ZR_pE_LI9gjMpB8jKaZc6iITy9ahqEkGkBYlPhDnhtKGFUuZdkv3xHPxntJbZx3eeMZsbGV94QpUPhs3Oajp0E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.desidime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame E439 11 KB
11 KB 14ms
13ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:19 GMT
x-content-type-options: nosniff
age: 100282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Nov 2023 21:01:19 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E439 600 B
624 B 18ms
17ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:36 GMT
x-content-type-options: nosniff
age: 185765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:16:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E439 530 B
554 B 17ms
16ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:22:46 GMT
x-content-type-options: nosniff
age: 552595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:22:46 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E439 665 B
689 B 17ms
16ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:43:50 GMT
x-content-type-options: nosniff
age: 594531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:43:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E439 15 KB
15 KB 74ms
35ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 5145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E439 15 KB
16 KB 54ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 264150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E439 15 KB
15 KB 66ms
27ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 100274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:27 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E439 35 KB
35 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5jJCEBs3oyUOcb1zLVZFPUw6TwNRitATJg2W0ArxpIEJGxvaiNDV0QrBp58jZKWmiWYCeZ-xYcCXDo6oDpsMdFpz6pKu6bcrw1zCcarP4ytQ8BVtmfQdOMHIJEIekX4ZzZHq3lGYQXdkuE6nIAKZtGLDQt773UPPv3gXW_MFjaNMN5SnjYfkfHoMpnwDNhv9jQZ-CmDYklFPMxwmmt6ciETtRyAw&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ea80ca7d6ff578073f6ebbc727d5827e637c57c3e197bd5fb7b9ed1cf905b25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame DD17 600 B
624 B 19ms
19ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:36 GMT
x-content-type-options: nosniff
age: 185765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:16:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame DD17 530 B
554 B 19ms
17ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:22:46 GMT
x-content-type-options: nosniff
age: 552595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:22:46 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame DD17 665 B
689 B 25ms
23ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:43:50 GMT
x-content-type-options: nosniff
age: 594531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:43:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD17 15 KB
15 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 5145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD17 15 KB
15 KB 33ms
31ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 264150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD17 15 KB
15 KB 40ms
38ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 100274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:27 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame DD17 33 KB
33 KB 32ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA47nZd4bb0q2M2nwrwH8QPvr9NdIQw0gb98XRIb7pf13iXnCrlqAqz6fSdltBtthDK_3AQ2hb7YzDC4JL9n29HjlVmGrYcCHA97fy8Cxvgky1TST8XkZb_LW4oZWH4sgqcWs9khs0fPCQZPfvy8CrbEgvZ8QYuj0AtYJnjJujQxYAUQHmwW7Ch7CzWQ1Pb86UhdoTWUOYq8mdJSEbwS2peFm7f0Rw&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62c5773b764311099c260f755f2c261e257446146f69ce0900f8b3dd80f7b464

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LdEPy0cAAAAANzoQ9mLW1kfCYvZcG47uDii_VW9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 89FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOzcseZH37sunZhR9QBbVJk&google_cver=1

43 B
114 B

119ms
26ms

Image
image/gif

185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOzcseZH37sunZhR9QBbVJk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYkfrV_QEwAQ&v=APEucNUO162C_FDYIyMFeatrgeBJy2O-ZG48qNluvPyqPUkyvOAh9rUjXGdv_xpOVvYDTJ5MIYIVGwCkwugE5rXi1vFypdUMqIDyppOuAwfrwttUGaIwmuza8wd19gOmRcZEjDmfLNfJv84b80L25vBbYP3q0CnJcQfIBZMs-PbfD6i5QNdEMTw
Protocol: H2
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOzcseZH37sunZhR9QBbVJk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 89FB 43 B
113 B 156ms
26ms Image
image/gif 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYkfrV_QEwAQ&v=APEucNUO162C_FDYIyMFeatrgeBJy2O-ZG48qNluvPyqPUkyvOAh9rUjXGdv_xpOVvYDTJ5MIYIVGwCkwugE5rXi1vFypdUMqIDyppOuAwfrwttUGaIwmuza8wd19gOmRcZEjDmfLNfJv84b80L25vBbYP3q0CnJcQfIBZMs-PbfD6i5QNdEMTw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:40 GMT
content-type: image/gif

GET
H3 200 container.html Show response
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C512 6 KB
3 KB 32ms
25ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.desidime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:38 GMT
expires: Sat, 16 Nov 2024 00:52:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AC74 38 KB
13 KB 28ms
23ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 257 KB
45 KB 61ms
57ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2f7f1c338d9cfc066645bb2fafe534f6bc4be24d7fdb86ee6a1fbd86337365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:41 GMT
expires: Sat, 16 Nov 2024 00:52:41 GMT
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 8790 0
0 64ms
63ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss4OBgGVEr8wBq7OpR9P4syWycGL7rtok8vQDlaY28opUKu5RHosfxe-w1WRxO7A9ZAGjDgdZJdepKlFme5c6OkZAQMA0Zfp0tE36B19VQ6emmY7kb_Z28BnxK3s4IKhiC_kQe7pq16IjlHdFF1uXtdErGEWjakk2zcIuoqvD91IZshFQPsVOkBdnSRMe0O9FNxGW9I02X00Cum2mSVK0tjxZD2nnp6DROOviYUOyu-XJmI5BD7j6xDTrC6Vi8vu3qGMLfKCUzO7427nb9BFm8qbjcJ0BuU-MhrTcuoNMpKi00519VJMzDx0QpBac3Pexuxk_bDV6uXfTT8DKOQKhwIQoAC-MIThZID0C26yfk1I8BVFDNZJEJjVy9W1s6r6KNUPe5I2V6u22UZDdtkuXCmf2GbLgSS353YU6tp_GXagbCGzHakoN8Uh4SvHvHUCQSOym6Y5Neexyb50qyY8r6BUTzSbhNGzLvtcGEhK4TNRq-nk8GfnN94_cMUqPbITYM5uOKoXUdG5hF6411xPWw56KfotvQycUbnA8I-eTJzdlstvKmKZUgaxB_3UA5pGphXw1AaqlzF2iV1iZ8T_m-lmWlm3Ff8p0b2Vsu3BMzLuI8mEt-cwhtl6G26XmfJlpKX7k3EINWQGdnQz8Jmy-2Wcq5dt0lC9KEtWHi2JS4_qArr-rmxyd6GxZxQgXRCWqsDPJRmFiwdAOhpVIAOgHE3DLYdaka5dROAMRBX9bmd5Z-wjiqGpylq36fcN-J6l5BgRpvgoISbozYG2q5P4QySgbPav_cQ9T0m7X2JhELyB04q-qbHBh4oLi-3ddDmCScHLI-xDSJo2pSBxf44toS3YsqmfzpH25byETybfw5WvDiTW_uik7Is8jDdtPN61jB-hgOL7jyL0dZwU-pG2lmNet7dbgo9NmGE-XK3twlVOFUgoS5sUOlLT6WcO7CYkOSLnZkBouKWm_j6xL1IUg5HoYp_4r0-Ul6Oylg7B-whXUtpBjvJPNlEqnS4RERJ5n-BZ1rxdB6GfqdSwjdvNniPfnUu6Vwtw1XgbkKSutXGJZ0SEqHiUaF6aVL-5AyTe4OmZ3c_sJzMDbVfp-HDlXunbV5YY3mWrtz-UYhMPGvi7UzOzTUJi99EK6gu5ll9Bn0SSaElcDAUAhPNcGej4QiR93C38AzbhfKeqQzXVX5Y_oEVfHmclsUex430vGhG2webOON9EuDkgoASmBNjcZI0mr8r6J6PA7mGufxdD81FLyE3gDuMLZPPhkNCGht-Ikv75BcNy9dLaPk_G1xj0HPcWiO9N1XMNzaubUicxWTPGKQ9gQbr3F-vEHsHdWNGaiUDdG9-DOuaVxolUZvDPxnEuVIx9AO3tF-F-hWdg29kx1U&sai=AMfl-YTaQmr2QDhV8v8gYkCsl30GhTQJ8dFBvalR_qjmg4KVku90wRuDBEaZ7qeZZvnrc7R7mvtJyOxB9SddnqsURVh_OuroUZ8cKkBgjQ-EVN7WJKh3Ki-I2Cwm70QCsZLRcJalaFFItJ5drYpCnzx20zyxaUGO4UfClmcTPi_ROSXy1L4kv05ybZCMQzblIfTh0Fre24SrAsusyOhAgGK9ESCIoO1rHGrCadRI18bef0_DdsbUE_cJ2sTYCfbZGBQsBeQ-qzK9XhTiA66tCsAXchP0_f93uBRJGsFKVZmjhuuBl8_l_aN1Vpq-K_ojpowOEzQ_4bKqs0yogXwApCAeZq06N0G70s-flnSXRuSvHtszCdC07YkupbaqWm8QX0-wN7RPD2KZ98SurEQO_wczC0_rP3r6L7byfQo3kt0SmJ4hOShVCFviQYkWxpLw9HCBudXaHUv_x0N1XbK8ONM2-B3jj_vMrM34-tnl72E-FxEqMhZdeIRGlySAgL8bHprzz9a6ch9k-y1kBQ&sig=Cg0ArKJSzDIutj3z_SPVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zYW1zdW5nLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=378&cbvp=1&cstd=371&cisv=r20231109.64441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
samsung-germany.demdex.net/ Frame 8790
Redirect Chain

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699

42 B
735 B

40ms
40ms

Image
image/gif

34.248.171.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

34.248.171.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-171-95.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-07bc3a343.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 69xX8xYgTSk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-074995c50.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: hxF0AZ9DTX0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=189638479&d_adgroup=23233&d_placement=380889841&d_campaign=29651479&d_cb=209803699
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame F9D6
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

104ms
77ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e0009ad7a1675224dfca568757792039f0ede9f6a555affc0bc019257611d6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 00:52:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 27893600004452004444550012511025
Connection: close
Content-Length: 1329
Expires: Fri, 17 Nov 2023 00:52:41 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 00:52:41 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 17 Nov 2023 00:52:41 +0100

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 89ED 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 89ED 80 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e22e6a4c1770831466a702ad01381d6e8ad3facca6587e0f70bd4fe77679b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19260
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 13:32:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 00:56:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 189ms
188ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyIK,pingTime:-10,time:688,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700182361277%7C%7C67ae3e030eb38dbd01b665d880bb2d4f%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C00292dc6b1a8da4250c56343c82f8d30%7C%7Ccb66f4f8da9a9c58c4e3302ba58492cb%7C%7C068e51b75e25dd0757fb757c1b82e147%7C%7C7af045ceedbd296ea339f96bfa9af520%7C%7C37ee91a1529ce317773e726bb374739d%7C%7C1663701684%7D
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 8790 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 635eeece7a9de9e53d655459f7181a5318274067b86838d54de661c0c73680dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 67D7 38 KB
13 KB 15ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D2F4 120 KB
41 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 23:44:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9423 0
19 B 51ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGNSInP0BMAE&v=APEucNXO_QBvs5lMV64AV9pqFr4OvDKgjKbuCxFQz6V2naTEdA-c7eBjSzy1J-GEWmmv9MDK_xOXCcZyFsd0_zBD_FoeqbNS__YalbVFYbzqMWZMc8pFDV-8xqabfCTgD2V12GDVkGqJKpvbM34ViOs6HTJ8s9iUD3xGoc0mbFTetbeRDF8sqoI

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:41 GMT
expires: Fri, 17 Nov 2023 00:52:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C512 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C512 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C512 0
0 60ms
60ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6XcZ6vMg4920hpyYSx-ubgL3gGvw06WNAh8uwq3VBpiUER3S9KO3DYcnMJwbNI1hLDjPTOx_G8jbUToSJvpH8hiwGMf0j7lNcuMpYVwMSDhOn1N29AsH_w6fp232EZTy_N7DcTnVfQ4hNGPsLOzS-0xG__aTYTAEPgVyfgR-eHMneDMQoDSx4EMahOA5l0b1XmXS_fFFuEbbRjljgVZezUoXlqGFCs1Pqie26eUc7aH1fCItc6MXxsVFkvv5mrpa2xXRXgabK8zcDQ5KD8dHGIIssCNJRKov2r9Ty72F0gi3ppskatZWcPWo3DKPPCKT7vxUoaZEl9gjmNKBe7Su4A87Mvm2Qkbg52r90sge8f9l_sm56ztyMMl-Nf0CHD2vjdm5L9lJDrC9pp3QeP2EaUp_doX-Wxpqijqd-jQhaxSl_aTFgnD9eSuEbsxdFmbh02d6H7KmQVAdmsi3zGIWK5NW9gwAoNfsENv4KA7yx-Pwu5SG2bA02sJKZbBlqTjI4GOg63ucVqPUtD2rJnb36PQoEdygM2osuSgFnq7HDUXSJREczCRMEYx9aSaInWHKniZ2xYCr1uOujvyTsLHHlBa_SWvhO8VMQ7AzJ0W2jlGcQRQQz21doCA2mGarDkMeBMNISQuO10FN9o8zEAhcCh4vnVFUVesEs9eqWTZ1YQjFRVjy3nNmihDourSe7Bg50qtn1mQmLKyuC1bT3NEp6-nl9eEZD6TDUaO6r1M6EtadW2dXKgX66AMlYGoOO_WFJ8HQuwcOwNf4XAh_RGQnmARbqgkU0hX7eHG17K87J5SJc5r27p-WV14-x5v2kBKue4eitgAKdORM4pDGZVIqDbs9F6I0BdKTtR6S0ehO1pU6rRvwQy1MxJUZ0cJE80gzYWjlf8zoHOruaC2vg_sOwq0buZyU5T3DkZlO4PjqR01GByBHH1sEBQPgX1z0QSm52-NZXLYJjs5xuGXTIf30Win00H-IzNh-41D_FN3jjYs7gEH0nA88IoqgMTEBfTpv_surdjGtScENzptPcaG39uVybpKuHzSCC4ZqrGeDx45z1yhFsTxJRt-IkwJVqdGoLVDB2fzq4TByUmFu_IuE3q2Oh2xyPABHWVHJPQ6OynVP2haT4rk1yNTH-B_dsHnsSb7D1kh0CZn42G29Dhqjhp40dgtXncDIXgzdJfGuGl4m0veVQXKaf4OEe9L6ZttsKVxJaNcpQsv-4dBzPXjKJTZb4JqpJmcoxVMoW56jxy62g86yPvkFBubgaW9SodMe9bAXdEuNlojSYxQNJWjiUxMkLReNlSFJIFHD29OD4w7RuMT3jZglVNGCdF4unoAxfdX4&sai=AMfl-YT3assABo7cizREqQ0YrUuZD9NgYONCAPfEc3DttNKdjlQSrbfIzHCIUVmRByhEj2xj6MoRkA5egSOCFwCOYHs2srS9Lrdq4OSj3w-zMmEYJjvgRmnoc1kzhQG4VaSWJipP59GQfAhjfmkhDLAw2Ap4-9mEXbGOhnYTkmowcF7nDa_-tZjO6pT7qyFCDcbgnDRyk5dipnoOUQ7eT_ZNa9IxNU4bAeEY--EtboW3l4SzACN88AC-UosL2MGtyZ0DUMXssVAKzWTngaWvWM_uV8CkFRXPQQaUh9aIN0TefXedE1NrRBUEbbTsB4_RUE3CeRWM5RIXD4GXFZz6ehJc2XAJ4y_KpUMP3FJ3agxlYDmkF1bd7y-Y8WU5pbts-t_8L4wmcUGI3ntrK-ZbqxUAAWZUt-z8Rv5xaZ-FrMEbjOpssN8zYYgKrCiqcdA6xY-pbXogInXaW7D3jrBEmpXeGlylst_dqP766a3ql8w0y7T68uNqwTGtp2Q-_hvHsmKR0Ilz3gxIxjj5AA&sig=Cg0ArKJSzJ1x9oBN0-adEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.90247&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C512 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C512 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C512 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C512 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaIlNaSZuQZpgR6ZVfKY9upM9htQqzd59ccG75ghxrl0AokpACJqWghjGjZ78aQIKcNsT31h7Hl6q1e87SC3kCbdGPzXP47hxWWVZlrTzih_HDIlA

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C512 203 KB
64 KB 167ms
166ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H3 200 7830489717981943151
s0.2mdn.net/simgad/ Frame C512 38 KB
38 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7830489717981943151

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca3e5fda9906aad4ef255bcccd1b2003eb8ff38ed5321deccd075a3fd623d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 10:29:10 GMT
x-content-type-options: nosniff
age: 311011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39165
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:33:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 10:29:10 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame CB93 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 61DD 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-QcFehO8lTEojI5K3X0SgFpHsKsDOl8iRRmlhv0d9WDKVaY6D4WNOmy7jZ9CNMP9IoNTmHJd2m-QPJ8gUmBLZaYbPsnAqeQQBIZFqfqWFbo3XJsv6YbaNWbh3SOwyLQLFKwZ3H1Pg86QW&sai=AMfl-YT5e4_D3QIsJH-AZ2uBH0n05SguSqK76aIP4yY4mQPDQMUzxBtaaVmtsUiJpYnjeRLgksLZ5qFNHKUYQwzzTAffzbaPw9j4wddDRk3TNZEhUyBj0D-rbUk5p9cYKYerY56KhF2B8DfDuuyFgHqC&sig=Cg0ArKJSzPIUHny_yCbLEAE&cid=CAQSTgDICaaNBe15WkDzhN3I39C8rtc4L4svWc69ScBBdzD8CZGIyh9QqY2MBPQNeHk4CjS-_tHcShF0a1PCxy1sfc58mbRalkz8pHDWuErqZhgB&id=lidar2&mcvt=1036&p=40,727,130,1455&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4036799899&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700182359831&rpt=543&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C512 0
0 53ms
52ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv6XcZ6vMg4920hpyYSx-ubgL3gGvw06WNAh8uwq3VBpiUER3S9KO3DYcnMJwbNI1hLDjPTOx_G8jbUToSJvpH8hiwGMf0j7lNcuMpYVwMSDhOn1N29AsH_w6fp232EZTy_N7DcTnVfQ4hNGPsLOzS-0xG__aTYTAEPgVyfgR-eHMneDMQoDSx4EMahOA5l0b1XmXS_fFFuEbbRjljgVZezUoXlqGFCs1Pqie26eUc7aH1fCItc6MXxsVFkvv5mrpa2xXRXgabK8zcDQ5KD8dHGIIssCNJRKov2r9Ty72F0gi3ppskatZWcPWo3DKPPCKT7vxUoaZEl9gjmNKBe7Su4A87Mvm2Qkbg52r90sge8f9l_sm56ztyMMl-Nf0CHD2vjdm5L9lJDrC9pp3QeP2EaUp_doX-Wxpqijqd-jQhaxSl_aTFgnD9eSuEbsxdFmbh02d6H7KmQVAdmsi3zGIWK5NW9gwAoNfsENv4KA7yx-Pwu5SG2bA02sJKZbBlqTjI4GOg63ucVqPUtD2rJnb36PQoEdygM2osuSgFnq7HDUXSJREczCRMEYx9aSaInWHKniZ2xYCr1uOujvyTsLHHlBa_SWvhO8VMQ7AzJ0W2jlGcQRQQz21doCA2mGarDkMeBMNISQuO10FN9o8zEAhcCh4vnVFUVesEs9eqWTZ1YQjFRVjy3nNmihDourSe7Bg50qtn1mQmLKyuC1bT3NEp6-nl9eEZD6TDUaO6r1M6EtadW2dXKgX66AMlYGoOO_WFJ8HQuwcOwNf4XAh_RGQnmARbqgkU0hX7eHG17K87J5SJc5r27p-WV14-x5v2kBKue4eitgAKdORM4pDGZVIqDbs9F6I0BdKTtR6S0ehO1pU6rRvwQy1MxJUZ0cJE80gzYWjlf8zoHOruaC2vg_sOwq0buZyU5T3DkZlO4PjqR01GByBHH1sEBQPgX1z0QSm52-NZXLYJjs5xuGXTIf30Win00H-IzNh-41D_FN3jjYs7gEH0nA88IoqgMTEBfTpv_surdjGtScENzptPcaG39uVybpKuHzSCC4ZqrGeDx45z1yhFsTxJRt-IkwJVqdGoLVDB2fzq4TByUmFu_IuE3q2Oh2xyPABHWVHJPQ6OynVP2haT4rk1yNTH-B_dsHnsSb7D1kh0CZn42G29Dhqjhp40dgtXncDIXgzdJfGuGl4m0veVQXKaf4OEe9L6ZttsKVxJaNcpQsv-4dBzPXjKJTZb4JqpJmcoxVMoW56jxy62g86yPvkFBubgaW9SodMe9bAXdEuNlojSYxQNJWjiUxMkLReNlSFJIFHD29OD4w7RuMT3jZglVNGCdF4unoAxfdX4&sai=AMfl-YT3assABo7cizREqQ0YrUuZD9NgYONCAPfEc3DttNKdjlQSrbfIzHCIUVmRByhEj2xj6MoRkA5egSOCFwCOYHs2srS9Lrdq4OSj3w-zMmEYJjvgRmnoc1kzhQG4VaSWJipP59GQfAhjfmkhDLAw2Ap4-9mEXbGOhnYTkmowcF7nDa_-tZjO6pT7qyFCDcbgnDRyk5dipnoOUQ7eT_ZNa9IxNU4bAeEY--EtboW3l4SzACN88AC-UosL2MGtyZ0DUMXssVAKzWTngaWvWM_uV8CkFRXPQQaUh9aIN0TefXedE1NrRBUEbbTsB4_RUE3CeRWM5RIXD4GXFZz6ehJc2XAJ4y_KpUMP3FJ3agxlYDmkF1bd7y-Y8WU5pbts-t_8L4wmcUGI3ntrK-ZbqxUAAWZUt-z8Rv5xaZ-FrMEbjOpssN8zYYgKrCiqcdA6xY-pbXogInXaW7D3jrBEmpXeGlylst_dqP766a3ql8w0y7T68uNqwTGtp2Q-_hvHsmKR0Ilz3gxIxjj5AA&sig=Cg0ArKJSzJ1x9oBN0-adEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=56&vt=11&dtpt=55&dett=2&cstd=0&cisv=r20231109.90247&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame AC74 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 67D7 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 89ED 6 KB
2 KB 17ms
16ms Fetch
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:02:01 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 89ED 5 KB
2 KB 14ms
13ms Fetch
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 00:56:46 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 89ED 2 KB
1 KB 15ms
14ms Fetch
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:01:50 GMT

GET
H3 200 NH_D_NA_City-Generic_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 89ED 61 KB
61 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_City-Generic_728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2f6c397b2c8bc2ffe3a7f98875347fd37f44f8297f60b1f961123846cad866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:47:00 GMT
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62580
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:02:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4D2 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvTQCV7lWZZjZLJeT7_UP-OmWqAkAAAAAOAHgBAI&bg=!9vWl9brNAAZxrfrxUa07ADQBe5WfOE_BxLz-HbkEsy94NWKn3N0zYYziyyk5fzIG9M6OojF0kg3DJp91KFAJ6vh9qifuAgAAAlBSAAAAA2gBB5kDB0oxxjDYoK-9BY0QFQ001W_MfJeoN9qgnGI2e-uHaW40xrks8Er8yBMb09EIP6R3eD-KgzMYG0gkA15_BaeKlRSgQtGwZfC-ntzuun6Ufie1RAZyvSP9VmJEGf0kZccZeTQpITVNlXpri2LU72o0pokDKJ2FHjGk6TMv5AySy5R-MST7bmQQalybpcndkZKPD72jGmc9c0JKYcztyfJgRV3iBODmoYTn9MO-2ZdRjyg0PWvrpIZ4vl_4w02C1P8_oHckRNZigJsFal3m7OUWbIPeePvqk8DD4qE9xPk44XV2B3Eac6cP0TW2Cpn_EFp6sDfGBCqavNFA7l53VVfCRDFWd5XBQzGfhyZeBKDx7x7Nem1-iCokB7E1VudOyGYXBOLOIgmmYEHdyPJRk_1SLblJcAYZYHRv7qiJZ2jrh0t5FvB-1HNYaoDnP_jZczCMgkZ6MJ83yPXbZcZnXBR8XzPTVRPhUDJjKSGEAzbsxnczUuuKmibCpZZInY-RcSzdF5G8hcvHt5Cf4jRcpBrl2yA6h8M05B40H9clHuldV1FeJ6k-PtuWt207WP6TkruuHLrtabHl0940OIZQuO_e8WIecu1Wv0GgKWXKVRvelcgNyQFIg3L87G-m2veDWZxbhtDX3w-jBmqPcJZtV6pgeSz1FKFYlioFIu0-PUK_uldS2447uhfT4Wa6jshdhQoyd6xEWDfTLnCw2rr_WHNH6gQuWtG1B9YNVPRHGnejN3FCCZWc7i4iKFbXq9-fGBYpR5a-OUuLZRxt-mIcP_imRY_8PANjAV1LYMfn7a6xMLjUlQI-aulBd0DmujSk3Aq97D1fQGxewv49BNITw817C1g8s4_NRlHqdbgHo5tBXL_ezM5YSDzw9GWOSSbrPARTG0I6IOgUXgPojehNVWvfdLApXWZO_7paJoCK0JlFLHJI9g59-g9lIzefjreMcBsgXKn0fX4MXTDLmqbyFTEHwQ_RIrysSfO-QANfNwhmEmc--2IpgFKnIgC81wcmYbIoi0PkeDIaro4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame CC86
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27893600004452004444550012511025&actionid=879111&produktid=ratenkredit&dt_url=

0
628 B

71ms
27ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27893600004452004444550012511025&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 00:52:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 17 Nov 2023 01:52:41 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Fri, 17 Nov 2023 00:52:41 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=27893600004452004444550012511025&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18C:EB3C_91EFC182:01BB_6556B959_53A5091:1A428

GET
H2 200 / Show response
adv.office-partner.de/ Frame B802 930 B
923 B 51ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 17 Nov 2023 00:52:41 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 24 Nov 2023 00:52:41 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame F9D6 2 KB
2 KB 182ms
77ms Script
text/html 18.130.85.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=27893600004452004444550012511025&nw=1
Requested by: Host: www.desidime.com
URL: https://www.desidime.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.85.236 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-85-236.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 77b725499a324567d3561c93b89b3b48a1e63166ea60f22a13e2e2e1178c4d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
last-modified: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 17 Nov 2023 00:53:41 GMT

GET
H2

200

activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436 Show response
8019191.fls.doubleclick.net/ Frame 073A
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436?

392 B
328 B

30ms
29ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436?

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

0a4146be7601bc054f4bbc227144920bce55cfaab82bf3dc3e0358ff10dfe2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:41 GMT
expires: Fri, 17 Nov 2023 00:52:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:52:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame 4265 7 KB
2 KB 37ms
12ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=52283b3f9f&subid=&uid=7ecac2bde08e9148&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRkprV7lWZb2TO7Ol9u8PlO2goA-m5b2gaYWVnKfJD_AuEAEgr62CHmCV0qGCsAfIAQmpAu8CazzSMrI-qAMByAObBKoE6gFP0BZUgWbgOnz9KEGy7F3oCd7LFAIlkw_zanGP_9D37UtEoXcJvVIqyogoPQAP-T21sXZDiDUsHabeFh5QfQcgqbk4aBKozEYmcZFfxWj5XXYr3sU4ijvPxbMugVZ-nTQH6nu-dl7qa8o4s_bEeDMQn9evUbxBaDO3Amdh5pwQzUzs1IA8n3Oo0o2WrPPX5DCWloPAamguYNekys_MufD4x002jrHqGHVflO2eLC7JaPMlDLQK18KY3qhyHrdOeck_trNdw_tZHxarm3WthF_xKO6NNBNfzmcXt32w1x1ibYUOsuMhdkoRTCLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI8MG27OjJggMVs5L9Bx2UNgj0sBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNNyNRiDXKJSSC2h0gaLNNOfl4qgrhv2lc_IRMDSQkTEg1EpAdn6F49basieAKgH6hOde5SqX1bYq6nGyT6KVfD9zxJiSkGC--NhEYAQ%26sig%3DAOD64_0TmUtTGKK0AmYXOA1tPa6wrbJTpQ%26client%3Dca-pub-6055132318164052%26dbm_c%3DAKAmf-DF3dH0pEs480QmDn7mph3BOUDH4XJjWCKXGhwQUnhowQv8g8Mt0O2WkHvCjKThK3La8NM4qXkIH6GADDjHf0Q9HXtbCj_Py2i8mOiWgrK-CtK4EtU2QLY1Hrkv6hcR5MaueYty85Ux1xyXiIOtle12osIomW3AbR9XWlHoILFjeNiyBkw%26cry%3D1%26dbm_d%3DAKAmf-AfbNnD4dQLv7qf71Z3gdPoEL_pzVQGBpBIfYQWHsh3qlRnzEJUgI9ZOzKhBveBohCDajh5h27D4VSCEQYsBcYgAlCYdlT6QTrLbeQ3ql6vuYdTh5O72AOLMRTQgNFAXOidIHfnxaiMJTF5oIdZ53Q5sv_TzO6CJSBN91v3GLmD76IPzuyCMZQ5Ppklkz0TAiMV9ptvRqfl7lxi40I167iUjXh1kraKkVeZZcm7ukGZ8yRdKY6eVh5GL0YG1pPak3kVUOKNebbms-IIF-nG-MULstpCGr7HEJu7YqGINoOc7oF7-B6rgd9gWYWrpiEHIvwqqVHmHdGwDKgS_eBWBOr16zw42r7EZvK7oOSWetIhUJpziwly2-C_eFk80Lkmivg-BTZPk56BP1hkZHg2HW2k0exjjQVi19shC7qC_VjnC5LDo5fZGrDnXmC9IZSxkqCAqbg_FYUX6WOAo0hlxTEK-OgN_biDvLBKK3nuZepfE0aw_AjD0bjQYDYtc3E7yBaRNqvf_i5JzL_sUm6OeLXK8NHBeupkF6oDomRdpKBJ52HQBgw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.desidime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.desidime.com&random=8354271746085&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8952ec6e15d83dd3b0eab7e670ec0df8635b7b2c748ff47916ca9d11db8b0a17

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2084
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Nov 2023 00:52:41 GMT
Expires: Fri, 17 Nov 2023 00:52:41 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F9D6
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
666 B

133ms
88ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18C:EB74_91EFC182:01BB_6556B959_53406EC:1E878
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=27893600004452004444550012511025&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F9D6 43 B
702 B 141ms
39ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=27893600004452004444550012511025&pv=1

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 00:52:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EA8 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeHtoWLlWZeKSC8-QjuwPkqaYqA4AAAAAOAHgBAI&bg=!7O-l76DNAAZxrfrxUa07ADQBe5WfOOQ5jtQQi2caly6i72VVLYYCLPC-OVGg32DquZhVNAiT8jJXHcssU_NDNO1hC9_uAgAAAjVSAAAAA2gBBwoAaxq0ZZXu1pGWQRfFHVYIAisXkoqlUp2oRrEyu_t2gwlNHYJfbHTm8hr4YNI2GLFgPpOfOBeL_tWdiCR84y8m2eaA87P9M-d3UI6m2lwzWBuO7z9U82XStlfQMY4zAaBmpqhe4QvjyDLauu-jmQMDACwBo01R7hUT78GqVh9Qs9payrc2TSNH1mmxD7PMRykEi5UyDZp3pi4KE3cFpGRTdvF5VKHwzhbdSgWn8ToKQoq3b4AtsnSKeG9B2fz2u3bvcR6jY6Ngj3Qh06sKgiv4qjUuLnalLUMpjr5JsrI5O7kIG0IZBxYbEIWKNUfkPaYkrw965RxJno5S6GNIiYv-q-KrAxqtv0OGSWhrNUQ4lhXFO_OLsHPaaReWgbOm23pyXGjN-41x9dX5PidG9GyoSXJyJ0-q3tNWrQfp3sHU8R2quIDEpGmogxPDkplOhvhSTmAgVgCZCA0BCR0toZRi7DL_k9mwKy3uaajtZLhYkIl5q7iHBFEsfjrTSDD3pjG41L1u89oaM9hkNYVbfFb1r_-CkXwWWIZmyxsAwSnzWoom5lkCBZMpWtNFwmQtmrzR_qOCb1J6wAjd02VxUGafj6vrcGtCDzgjhK83Yt27pbFdBfnXF0854XMvTvPxq3Mf4RZj550Xl8e-2OVSePx72R3RmN40kiIg-AhjYXJWe9AHO_6gdUx__oUGQxbtXCiORnpVBbMXuzsvz7ratgExmquvQq5Hx8DNzX4_wOzrVoajDBe842Yy9P-YTTbUpcLg6ZfOLPrnPdtzMDkfHHlWCP_AU4hf0chUhcbSe0_Nrr47yI6PZ6tE8es76C243Bnw8FG5Sc8jF0Z2NZsuhYi1oro-UAWaz9rqcDi6f4eo4MFT00E2mnYEIegZwviC4_36WZ3ymHPEKEC5G_OHvnxeXlwIKjBHJBaNtsPFWUmzuYTckogt3o8KJSgKaHXZJmep7x58AbEdI7gI07Df9UKFL6_xGsD5zShIKp3eHBGV2BT3bozA4MbP-y2LjIU031XDa1GWruc8azCMSAeBo5KF6HC0_ho-V4guXV8m_yjJXJzquFj5ICp_hSsxdgs3-Fp_OuL52u9KCPZDFdObBziFO0tpR8MMi2GgvqhK1vwplqac3xMPrCiYDud5zoQdIXGnFUPYT_AbiG3U8KhKMl5d9Juu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 samsungone-400.woff2
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 170 KB
170 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/samsungone-400.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b71eddb64edab08c418f04d49c88312ddb35aa052c4135b708a1cb9d72869853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:07:56 GMT
x-content-type-options: nosniff
age: 45885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174164
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 12:07:56 GMT

GET
H3 200 samsungsharpsans-bold.woff
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 70 KB
70 KB 16ms
15ms Font
font/woff 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/samsungsharpsans-bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f45083668045fb35cc0abb1c1a405be4091a7e8f9c4ba3aca4b8df0b1ef8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:07:56 GMT
x-content-type-options: nosniff
age: 45885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72004
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 12:07:56 GMT

GET
H3 200 samsungsharpsans-medium.woff
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 70 KB
70 KB 19ms
18ms Font
font/woff 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/samsungsharpsans-medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f86581e83f2f712d67b67af71624a8d8ac7c86743c4df97fa4b0d51d6f1c26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:07:56 GMT
x-content-type-options: nosniff
age: 45885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71408
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 12:07:56 GMT

GET
DATA 200
OK truncated
/ Frame F9D6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92874e204ffdc7db96ca68a9af9dc4b23816f0c97e85f0130452aa605a43227d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D2F4 8 KB
6 KB 38ms
37ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b101e314b347ed332cb78c798dc6832e7c3405bb3a9e921e6674f103ae4a0d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6017
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 8790 0
0 52ms
52ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss4OBgGVEr8wBq7OpR9P4syWycGL7rtok8vQDlaY28opUKu5RHosfxe-w1WRxO7A9ZAGjDgdZJdepKlFme5c6OkZAQMA0Zfp0tE36B19VQ6emmY7kb_Z28BnxK3s4IKhiC_kQe7pq16IjlHdFF1uXtdErGEWjakk2zcIuoqvD91IZshFQPsVOkBdnSRMe0O9FNxGW9I02X00Cum2mSVK0tjxZD2nnp6DROOviYUOyu-XJmI5BD7j6xDTrC6Vi8vu3qGMLfKCUzO7427nb9BFm8qbjcJ0BuU-MhrTcuoNMpKi00519VJMzDx0QpBac3Pexuxk_bDV6uXfTT8DKOQKhwIQoAC-MIThZID0C26yfk1I8BVFDNZJEJjVy9W1s6r6KNUPe5I2V6u22UZDdtkuXCmf2GbLgSS353YU6tp_GXagbCGzHakoN8Uh4SvHvHUCQSOym6Y5Neexyb50qyY8r6BUTzSbhNGzLvtcGEhK4TNRq-nk8GfnN94_cMUqPbITYM5uOKoXUdG5hF6411xPWw56KfotvQycUbnA8I-eTJzdlstvKmKZUgaxB_3UA5pGphXw1AaqlzF2iV1iZ8T_m-lmWlm3Ff8p0b2Vsu3BMzLuI8mEt-cwhtl6G26XmfJlpKX7k3EINWQGdnQz8Jmy-2Wcq5dt0lC9KEtWHi2JS4_qArr-rmxyd6GxZxQgXRCWqsDPJRmFiwdAOhpVIAOgHE3DLYdaka5dROAMRBX9bmd5Z-wjiqGpylq36fcN-J6l5BgRpvgoISbozYG2q5P4QySgbPav_cQ9T0m7X2JhELyB04q-qbHBh4oLi-3ddDmCScHLI-xDSJo2pSBxf44toS3YsqmfzpH25byETybfw5WvDiTW_uik7Is8jDdtPN61jB-hgOL7jyL0dZwU-pG2lmNet7dbgo9NmGE-XK3twlVOFUgoS5sUOlLT6WcO7CYkOSLnZkBouKWm_j6xL1IUg5HoYp_4r0-Ul6Oylg7B-whXUtpBjvJPNlEqnS4RERJ5n-BZ1rxdB6GfqdSwjdvNniPfnUu6Vwtw1XgbkKSutXGJZ0SEqHiUaF6aVL-5AyTe4OmZ3c_sJzMDbVfp-HDlXunbV5YY3mWrtz-UYhMPGvi7UzOzTUJi99EK6gu5ll9Bn0SSaElcDAUAhPNcGej4QiR93C38AzbhfKeqQzXVX5Y_oEVfHmclsUex430vGhG2webOON9EuDkgoASmBNjcZI0mr8r6J6PA7mGufxdD81FLyE3gDuMLZPPhkNCGht-Ikv75BcNy9dLaPk_G1xj0HPcWiO9N1XMNzaubUicxWTPGKQ9gQbr3F-vEHsHdWNGaiUDdG9-DOuaVxolUZvDPxnEuVIx9AO3tF-F-hWdg29kx1U&sai=AMfl-YTaQmr2QDhV8v8gYkCsl30GhTQJ8dFBvalR_qjmg4KVku90wRuDBEaZ7qeZZvnrc7R7mvtJyOxB9SddnqsURVh_OuroUZ8cKkBgjQ-EVN7WJKh3Ki-I2Cwm70QCsZLRcJalaFFItJ5drYpCnzx20zyxaUGO4UfClmcTPi_ROSXy1L4kv05ybZCMQzblIfTh0Fre24SrAsusyOhAgGK9ESCIoO1rHGrCadRI18bef0_DdsbUE_cJ2sTYCfbZGBQsBeQ-qzK9XhTiA66tCsAXchP0_f93uBRJGsFKVZmjhuuBl8_l_aN1Vpq-K_ojpowOEzQ_4bKqs0yogXwApCAeZq06N0G70s-flnSXRuSvHtszCdC07YkupbaqWm8QX0-wN7RPD2KZ98SurEQO_wczC0_rP3r6L7byfQo3kt0SmJ4hOShVCFviQYkWxpLw9HCBudXaHUv_x0N1XbK8ONM2-B3jj_vMrM34-tnl72E-FxEqMhZdeIRGlySAgL8bHprzz9a6ch9k-y1kBQ&sig=Cg0ArKJSzDIutj3z_SPVEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zYW1zdW5nLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=696&vt=11&dtpt=318&dett=3&cstd=371&cisv=r20231109.64441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.desidime.com
URL: https://www.desidime.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tman.cgi
pfa.levexis.com/samsungde/ Frame D2F4 42 B
534 B 166ms
111ms Image
image/gif 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfa.levexis.com/samsungde/tman.cgi?tmad=i&tmcampid=8&tmplaceref=380889841&tmclickref=18963847919tvav-offer-1428tvs&tmtag=image&rand=1700182361570
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-aes-version: 1.0
server: nginx
content-type: image/gif
p3p: CP="ALL DSP DEVa TAIa OUR IND UNI"
cache-control: no-cache, no-store, must-revalidate
x-ens-event-id: 18a8f6bf-bc4c-449f-a818-4bd00972e8b5
x-offsite-uuid: 491f0e05-425e-4e28-8afd-f40a0f54685f
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Samsung_Orig_Wordmark_WHITE_RGB_1.png
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 9 KB
9 KB 14ms
13ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/Samsung_Orig_Wordmark_WHITE_RGB_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a06e9c65ff96b8e99a1ee481428c0ce1ed09042bf8b010e8c6b96027a29a087b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:07:57 GMT
x-content-type-options: nosniff
age: 45884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9665
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 12:07:57 GMT

GET
H3 200 blackweeks.png_1699943082781_blackweeks.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 11 KB
11 KB 15ms
14ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/blackweeks.png_1699943082781_blackweeks.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a48e8e7027b2fed15398d0944e5a5eb48be2f4d49380977ab0dd3a2aee5a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:03 GMT
x-content-type-options: nosniff
age: 5138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11672
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:27:03 GMT

GET
H3 200 empty.png_1699942586723_empty.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 5 KB
5 KB 16ms
15ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/empty.png_1699942586723_empty.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e0383ed4c74095a430a00a7c52db5995c243b3b3c99b33e16b750737d56cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:12:01 GMT
x-content-type-options: nosniff
age: 142840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:16:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 09:12:01 GMT

GET
H3 200 energy_label_f_left.png_1699945563418_energy_label_f_left.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 1 KB
1 KB 20ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/energy_label_f_left.png_1699945563418_energy_label_f_left.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2600c28c1407c51684f7808159828b92e7050c2660bc052a7ace09c494620fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 5742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1341
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 07:06:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H3 200 GU65AU6979UXZG.png_1699942586723_GU65AU6979UXZG.png
s0.2mdn.net/dynamic/2/11131630/taag-platform.publicismedia.de/master/DDA/uploads/images/ Frame D2F4 149 KB
149 KB 18ms
16ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/taag-platform.publicismedia.de/master/DDA/uploads/images/GU65AU6979UXZG.png_1699942586723_GU65AU6979UXZG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e586953557f70e6b97c355dfe44acfa8e02f2cab0aa2fa8d0bb5fcc24c26f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:31 GMT
x-content-type-options: nosniff
age: 5110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152220
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:16:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:27:31 GMT

GET
H3 200 230925_BF_Offer-Tiles_MX-01-Offer_Batch.png_1699943082781_230925_BF_Offer-Tiles_MX-01-Offer_Batch.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 44 KB
44 KB 17ms
16ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/230925_BF_Offer-Tiles_MX-01-Offer_Batch.png_1699943082781_230925_BF_Offer-Tiles_MX-01-Offer_Batch.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122295d06d05eca5b2b050d5aff37fafe1aade529134adcb2d8712daf91d5966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
x-content-type-options: nosniff
age: 5743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44867
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 230925_BF_Offer-Tiles_MX-01-Offer_Stars.png
s0.2mdn.net/sadbundle/8707428817208718470/ Frame D2F4 5 KB
5 KB 22ms
21ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8707428817208718470/230925_BF_Offer-Tiles_MX-01-Offer_Stars.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2644c155d628c4cb3a74a453ca96abb2b3d2d0fb905f157ead740ba81c9c2444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:07:57 GMT
x-content-type-options: nosniff
age: 45884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5465
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:07:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 12:07:57 GMT

GET
H3 200 bg.png_1699942778147_bg.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 6 KB
6 KB 21ms
20ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/bg.png_1699942778147_bg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f76ff344231f1a9c4ac3212c54421538baef2c336ae4e6ba6960e4a1610eb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:12:01 GMT
x-content-type-options: nosniff
age: 142840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5737
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:19:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 09:12:01 GMT

GET
DATA 200
OK truncated
/ Frame D2F4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 empty.png_1699942586723_empty.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 5 KB
5 KB 13ms
13ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/empty.png_1699942586723_empty.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e0383ed4c74095a430a00a7c52db5995c243b3b3c99b33e16b750737d56cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:12:01 GMT
x-content-type-options: nosniff
age: 142840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:16:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 09:12:01 GMT

GET
H3 200 blackweeks.png_1699943082781_blackweeks.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 11 KB
11 KB 17ms
16ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/blackweeks.png_1699943082781_blackweeks.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a48e8e7027b2fed15398d0944e5a5eb48be2f4d49380977ab0dd3a2aee5a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:03 GMT
x-content-type-options: nosniff
age: 5138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11672
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:27:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D2F4 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H3 200 GU65AU6979UXZG.png_1699942586723_GU65AU6979UXZG.png
s0.2mdn.net/dynamic/2/11131630/taag-platform.publicismedia.de/master/DDA/uploads/images/ Frame D2F4 149 KB
149 KB 21ms
21ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/taag-platform.publicismedia.de/master/DDA/uploads/images/GU65AU6979UXZG.png_1699942586723_GU65AU6979UXZG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e586953557f70e6b97c355dfe44acfa8e02f2cab0aa2fa8d0bb5fcc24c26f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:31 GMT
x-content-type-options: nosniff
age: 5110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152220
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 06:16:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:27:31 GMT

GET
H3 200 energy_label_f_left.png_1699945563418_energy_label_f_left.png
s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/ Frame D2F4 1 KB
1 KB 22ms
22ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11131630/s0.2mdn.net/creatives/assets/5056821/energy_label_f_left.png_1699945563418_energy_label_f_left.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2600c28c1407c51684f7808159828b92e7050c2660bc052a7ace09c494620fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8707428817208718470/index.html?e=69&leftOffset=0&topOffset=0&c=QofPiOLhXY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 5742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1341
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 07:06:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4265 2 KB
843 B 94ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:49:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4265 10 KB
10 KB 39ms
13ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 69d853478913b87486f2bd67a8021cc580c949cf12888e5414f012e7de7df7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9891
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4265 9 KB
9 KB 144ms
118ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 92dc0726c8310695584ef0989db65ef2cb1d0829776d88752b8d01c5dcf430d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4265 7 KB
7 KB 160ms
137ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 123a18ced0126b3adc21a3c10ce9a703a15f54279d66b7fa41806b36c24de51e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7116
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 89ED 50 KB
50 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=nIUyMdavKp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:47:00 GMT
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:02:00 GMT

GET
DATA 200
OK truncated
/ Frame C512 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f8f08f713f357f3cf101f08af262416975e8d778cdcb262061d7fa41c34eede

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 38DC 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 587301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyQK,pingTime:1,time:1184,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D,%7Bpiv:100,vs:i,r:,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1051,o:133,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1052~100%5D,as:%5B1052~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:222,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyyQL,pingTime:1,time:1185,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D,%7Bpiv:100,vs:i,r:,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1052,o:133,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1052~100%5D,as:%5B1052~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:222,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B802 174 KB
62 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50f0a9707b62fd19050b9d2029c3d33ca34e506bf476ad1a877018ad1b159e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63899
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H2 200 dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436
adservice.google.com/ddm/fls/z/ Frame 073A 42 B
401 B 131ms
53ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJmA5e3oyYIDFdHwEQgdCsIItg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3132306431974.1436?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F9D6 53 KB
19 KB 91ms
18ms Script
application/javascript 13.224.103.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=27893600004452004444550012511025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-78.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:55:55 GMT
content-encoding: gzip
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ee.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 16:51:16 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 68207
x-amz-server-side-encryption: AES256
etag: W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3dY4rlPS0UptR2PSRqueEi4fL6z-a7Wmot3UaoXZkBzynv8HNSMdlA==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame F9D6 3 KB
3 KB 64ms
20ms Image
image/png 18.165.183.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1700182661&Signature=We1HJrTgikcVnnGPYgkD~wxIBLIZ5nXdulc5ptwYnAOaDmX4WYfH0baesZfep6OEltJzHD2PGCNtMiXWHJ7lcNMmSyq~Ea9jcLVYc1DwlEE1eZ1YzWACV7DWDFWx0u-MhaikeGE6Q4T-7afj9PED1wXSyOYcmnckbak4mQH1n4hzE2-2V70EenM-H0ia9~Itz03FM6inZ9gyaxW13fInyu1nPG3H2XUdXFh5Kr2W4a5L1qW0ukaHICJ3g5r5gFfQGao-b9TARbvs6rDl2gfONdbNMZd6BaieT73fpDAv7c39zfmYmE13gNh5PAeuGosj177GDpEbvO-Dq3tYNRGSow__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-114.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:14:29 GMT
x-amz-version-id: null
via: 1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 63493
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: RGdDz-riQ_lVffK1iSIIvzsuYRCB6sxTqoUK0kba_4H2GgCkaEHU0w==

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BCF 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame 4265 0
150 B 36ms
12ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=27893600004452004444550012511025&a=0239b245&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=27893600004452004444550012511025&a=2480391e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:52:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 38DC 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 601453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 01:48:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B802 273 KB
91 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5103c6e3cad2dc3269fe30519c05e868a92a957d891fe2cb05ee0c0b69abd120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:52:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 00:52:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC74 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB3slWLlWZeyhLNurx_APof6s-A8AAAAAOAHgBAI&bg=!kZKlkt3NAAZxrfrxUa07ADQBe5WfODivwlg4SmmGQPuDGuJ5_yv557x7j80g0uuqEBHLc52pkmkxtCTMfKV2lNouRch9AgAAAS5SAAAAA2gBB5kDJob7gd0xIRqNAAX0y7K8bGZqEHYirHHtZ_iPvD6m-2NjEc6oKoN8ktjcFog1ITVV1erX1kpKDBNfOo8hPlnc5ftZyhjOSUoIwckVsOouIviNV84DkEkvM5g_DZjPipWDL5UjsnZQbx7-ukVtOMlPAN-Ir7E7VwI2MMF_LknRZhNCtZf8HPKRMlOxntlJYzH0eoouj2PoTYaRNdjHj03BE2tig1_YhRXGykJUAWuojMmJ0CrqJxHsXHgod5W78dHoOPUKPAFC6ft0-iiVpFl0QxhwGcyRjmcf570kO7F6s2p9FGFHZcV2OY8tW4inO-Uv8AtjoOUyy5Ngwam8JUewEyUpSrIcKizpPIEbS-K-bIixTa-P3V-vtu72uGrqBbjwcwcOwSF51V07CugaUkpySz7GTtshpIp5m2yt0_td4CKDYFM2e7TR9k1aZPmK9a-1v6Ukir2Zm-tj3QhmkMlwuu8ra5J_VdP8FsYA9HmEE3h_Ct1BQ0PUPsltwjt8AjXifzuQCxgu0KWELo5pkMZMEStGcNJQjyIgan2Je3l2WQG0fk62Bb3m4Q9QEsKc2ORWH4PZ8obudqf8fZpM6HEFbaxBfLfYy_O4mdQVsTVT911IH6yMz9bdSFSACO7ZHEBFvNmTvoKHnZTHZkpmD7-y3NK976KJeALFXrPCdkD4KgHYKmGBauN_m5Er_U34-BrM8Vl_LrILBXSxRIi6p2Cdm7bQ9UUdDMZrmtGwNO0kKGYfiHRJ29-nCy3tzD3hFX38iEcCVm1q3ZD9X6qpnEPpH3V_DdbiY3pcMnAvbEyNsNCnJklWdXtFIo2Qmr8BHOxBuUdkS9ZwmTmlbxV1Z6LB6u93hhPIxI_1lN2XkTPRDLh1c5kE2HvQ4hP77-z8m5rjuZuvB7u_rMxVFnPAk3cJ6wAu5P4cAPFhvrqkdZtgesE7nGZSnTr90adCQl-ded8N4Q9lmPidnAunKZtW1irGV24S-z67tfXGxAn9nEUPfupeQfPSa_N3FcfQYI2jj0xZC1SL5XGdmzp1joX93L7LVrywP6rKi85zuOdBkKP8egODkAfxfN2Y

Requested by

Host: f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
URL: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67D7 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4ecnWLlWZfSeE7nQ9u8P2beIsAcAAAAAOAHgBAI&bg=!mpmlmdbNAAZxrfrxUa07ADQBe5WfODk0gApYVS1odUEbdN2EEs3CmZGjgykXZ40OFuz_eBHyV2C5Ro7pK8_KTqj0d0e9AgAAAXBSAAAAA2gBBwoAa-a60JURypwyVz7hxgPzv9SxAVWw5SNMf69CGoUnuoZv37lB_SMFBLToGvqdFG5uYRI9z98dSs6XrCJYwzyWFsXpWprBPaHOv34VXspxS9kduckR8yxmRZ0KFx3HriGrz9d_nZWK-5ReFgjFmQMK9RzRS0qe6ghb4GEcbHAFbV4uf1Oh8_n4mzvD-xVmS1_X-NB1fM06fcj7Ago1__q5-2CsOvPkr5QdDxhx3q14h59KiESvt11BoCsCoPaHs_nZL9s1JTUR9Ar2T8ly0PR0niISE5Lbe2c0lsIUtXklW0JMtlBGlaXemd52q1Engz86Qnn_1080ZIW0iiqFqe0a8bdRdXluRvKcqUioL_rMJ3ED6TSfRYOiyWmzaISUIMl1gEpJGMPqZKJSv5oZDb9pjleAJMWRc-E-JYCE3inS_4tm7Ri5YhPGMZl1E0bPDrZ7x2k0f5kT_JzTZRm-upHOgMH2AAasOk-9N19muYqWvMFivCKs1lRCV8G1awguHgmKtGOGJKNIstZo6OO6jEDH15NGCtc7hzBckZIvjrdlMepg1rxtkbB_fmiWxWdnHK589AmafGq20wy0fdCCULhofA7AdNm1U8ZV8-yQ9Wr7X_24WqGxjEZFS6XLFAfZoFR0LDX0nM_m0yS3KYwxQVhJKSyZ07wmU5f_unx67N7XNqtkC5ImrPxDf6jHfHkitDFMTIxVStXIL8dv21n6MZcS-qhJ8RYUFBL25m_HBS2id1peGBeKu0HAmqvUM9fQBeUeKBBzZ5DB7QpgbsmJN1ASwtMXaCEpNsKBSkN7U6h6gvtI1YozL3ZhlHXRLQ2ToiPKTpVXQCc2nISmY-3PZxuLk9iRz6jqxD7zpKcGUCvsdtFSY9wyCn-nSpp_gHP4GVQfQvfT8UPM68urNkLjorVRvNVwAv5k3cbbpXp0Ug8PL6l7yjRk7wGHYZVJvN5oE_KaQJqqg5OQG4nCa5L91E1QHf0LvRFLAgd2DCLJ22pbyqd3onsMHssCHpKcvziZ1-ZWhVr5wMze4uYvicfsEStyclJ3cLB30Od5H8YFemLZaWJBVdwWvVdjlfWcrypvtUe32rr7xK0Ki0ydd2C1Xb0Bd5yoUmknoJKKq7f_MMaX2n3ZLCrMnrRFHWjCt_5ii2CRQcOgwiVgrSJAyGG2Oap9kM1NEaAPM3XcpQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38DC 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8SvgWLlWZaKRKvDC7_UPuIGeiA0AAAAAOAHgBAI&bg=!QUKlQg3NAAYdLc6FPS07ADQBe5WfOPjVrVE-z8iQLcEDT_vxpQHLPLse3HsmPKrxLP_yieAKZCrR01cEa-QubKidj5OUAgAAAK1SAAAABGgBB5kDD4BRZVFv80CkGrs8Zst5WhD9oeSGsgU_Wr5iV8cYX7Ik4Mp1Tr1ckCeD1q9D2mQGBD4Q7ZYTKOr4a2FB-3wpp5wOVAeh8UoBoLeEUF9jKJGeplGGBYI2bFGI0bJFDK2ryR0BEqd3oz1WnErfli_bl0Y5BasNNpF2YAugE8jny2_Ajt7057FowT0fon9U2BkBmISJE_6Tq8aYg161OJIX9pZL-fSuDaMOCsHQiYOfsHaGrhTsc7jqrTihF2ITnKu6teU7Z7t2a6qNMuJY9uSnskkhsyu22ms7og4CjqShPL-9PT0ZBlzTV8mrpFH3c7SI5OvWM-R65_pEgdZIJQ2oeOlNTpN-6dqJq_rvOhMDOR0iWHASw6WOHkrL0CXKGIu1pWu69wRYnA5XJpPIaXAsqV-APYqSwzjbQprS57CGaHe6Q4UR1PgxeozuyYh5jOZ9N7fTmyX6a03S9Z0iV57hl3lGYI-UWfPFcARGmLxzPPAsM6c0uRDlUiwum6a7KyiOP2SCUZ_p4j7SCWC_kSj0i0CvoDaaJGxdkAqu_7SzkuIiGSB5KdQUatRLJuapLsQMmCYODrPvbEaZ2n5SG5fRlXc-9l2AyHHbJxvt9_l45O5Et9-1BiUw8-FiGp3w8MB0yGIRejFhgHGtb_Bh9NXR-KX6yiHKrKY6WU2FJ8xIsmT3u26hYelCzd5KkcTumoQ0yzc9Qniz9plPJTi7w7hOUck6VY5NbcPSu53Hy3PRyy28L_r6tnAnA7FmTDPun1AD5_JWawqfuKDAc5GRf1IhnuECtwqQzo0pAWuTumQTa97CR-xHy4Z7EqFeCd-JCdO4kQPk8v06J9H_lqxOiBUWV9Lt10BfjFgPzfnPoMopuLPrePvTl77IehenGfN1D4c8AYEl7owdcKllOgNHrsWPK2CbsG68i4EGmqDXpToSueji7X7dagtcBfYuYPsD1W6yUShhSChUmqUQS2kEXOrhb-CjhwmCgYN4ToZH41LiHwSxcc-aEk2XwALod-vnvtCiT-M8i_KT2nce2t8RDPNyEw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8790 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_yKrlFEfvAVKDTEIWYmQN6OuMuqqmYOBV6M5rvlVPzQdIgqiFINyO5hGNbPQ3mJlzU6f-Rx2NYhZuGimgTefHO3bSatGKwJoojo6zbYEbWgV6RyHmSprB6qGnjJ0vNdNun9LLoFN9qhcG&sai=AMfl-YRmiOemZ57Q6GlbGJCFgpbvCFM6SbTAy-sD0SQn7FBQwfT9gvzttcRzP3CArv1FwuEF6dndz7H9arMA1r3BArAcYYznNLhRfVLasLHbt-LBQYbBPcsMYXsW3vzLw5ziimqlgWdsERHQrCJvHu_XYA&sig=Cg0ArKJSzDl2wcJ7i3-8EAE&cid=CAQSTwDICaaNiXw1kNc9J-ZuzyMkYHP-_dlLqlpJ61a_gwDLKNcIgkp7oEPnL3Kxyoirc56jsKIoLnygS8k6tcBGj6GxARNu4w7woY_YKf3yxhAYAQ&id=lidar2&mcvt=1000&p=1044,1150,1294,1450&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.62&if=1&vu=1&app=0&itpl=20&adk=4215283492&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700182360782&rpt=542&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61DD 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9353913715128&version=m202309260101&ct=76&x=1&cor=67845562542282100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F9D6 16 B
209 B 65ms
64ms Fetch
application/json 18.170.173.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-173-249.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 00:52:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 99ms
21ms Preflight 18.170.173.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 00:52:42 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D6 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3639685916978&version=m202309260101&ct=77&x=1&cor=53031148875484824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 183ms
182ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyzSz,pingTime:5,time:5141,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D,%7Bpiv:100,vs:i,r:,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5008,o:133,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5008~100%5D,as:%5B5008~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:224,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:45 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61DD 43 B
215 B 183ms
183ms Image
image/gif 2600:1f13:800:7782:6a85:112b:3363:fed8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=1cc569ee-9672-e3cc-f363-c348048b055a&tv=%7Bc:ubyzSz,pingTime:5,time:5141,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:34%7D,%7Bpiv:0,vs:o,r:l,t:92%7D,%7Bpiv:100,vs:i,r:,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5008,o:133,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1,0~0%5D,as:%5B83~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5008~100%5D,as:%5B5008~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:224,fm:tVP9V0y+11%7C12%7C13%7C14%7C151%7C161%7C171%7C172%7C1731%7C18%7C19*.1835641-76534654%7C191%7C192%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:35,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:6a85:112b:3363:fed8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 00:52:45 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn5.desidime.com
URL: https://cdn5.desidime.com/fonts/v10/icoparity.woff2

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPrRk0mpP6pAP2pqHAIwJDk&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:35:34	Name: _GRECAPTCHA Value: 09ALvilpZfaXSeEsEJJTnRFVlKYOWuESGb-9n_2f7GRUXXa4I4kL-Wv5jdZP3dtgF_s7l_hCO64NcZt6EbX1lQCaA
www.desidime.com/	1970-01-21 01:03:24	Name: show_reaction_intro_popup Value: true
www.desidime.com/	1970-01-21 01:52:22	Name: deals_view_website Value: deal_list_view
www.desidime.com/	1970-01-21 01:01:58	Name: _session_id Value: 7f93347f73d7ae800aec8c0bfc8a63bb
www.desidime.com/	1970-01-20 16:16:22	Name: DO-LB Value: "MTAuMTM5LjI0OC4yNTQ6ODA="
.onesignal.com/	1970-01-20 16:16:24	Name: __cf_bm Value: ebJwO1LqpLC0JguTaG3Fj8zb0.Ea89eWE1DvxoE2gBk-1700182358-0-AQrExeI3CQXDVbEctKpp3Q3c24SryOMnS+6fUYFWGXd9Rxka79Ayq/EJ2l+BsZ4sLePJoHT0GZ2hcfkULcVbUEM=
.desidime.com/	1970-01-20 16:17:48	Name: _gid Value: GA1.2.95282242.1700182359
.desidime.com/	1970-01-20 16:16:22	Name: _gat_UA-3652252-20 Value: 1
.desidime.com/	1970-01-21 01:52:22	Name: _ga_ZRDRKHNK24 Value: GS1.1.1700182359.1.0.1700182359.60.0.0
.desidime.com/	1970-01-20 18:25:58	Name: _fbp Value: fb.1.1700182359266.806375908
.twitter.com/	1970-01-21 01:52:22	Name: guest_id_marketing Value: v1%3A170018235925751268
.twitter.com/	1970-01-21 01:52:22	Name: guest_id_ads Value: v1%3A170018235925751268
.twitter.com/	1970-01-21 01:52:22	Name: personalization_id Value: "v1_xEKArXQs8DbhHc05hiMZZw=="
.twitter.com/	1970-01-21 01:52:22	Name: guest_id Value: v1%3A170018235925751268
.t.co/	1970-01-21 01:52:22	Name: muc_ads Value: 17c0e756-b42c-4893-a8d8-ea7d5990ec89
.desidime.com/	1970-01-20 16:16:25	Name: AMP_TOKEN Value: %24NOT_FOUND
.desidime.com/	1970-01-21 01:52:22	Name: _ga Value: GA1.2.832860752.1700182359
.desidime.com/	1970-01-20 16:16:22	Name: _gat_UA-3652252-7 Value: 1
.doubleclick.net/	1970-01-21 01:37:58	Name: IDE Value: AHWqTUlGNUI53OBXLSZyUirctXN654oL2NVx5qv8gDEmGNV-YN7wRUWwFf420F9l
.casalemedia.com/	1970-01-21 01:01:58	Name: CMID Value: ZVa5V.LRRh0FnLbi3LvvLwAA
.casalemedia.com/	1970-01-20 18:25:58	Name: CMPS Value: 3245
.casalemedia.com/	1970-01-20 18:25:58	Name: CMPRO Value: 3245
.adnxs.com/	1970-01-20 18:25:58	Name: uuid2 Value: 2318269602099206248
.adnxs.com/	1970-01-20 18:25:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUq15ry!]taa8i_iqf!oN/@E'zz<Z0QUm%pAm0CdXEHcurGz-MifyY$RGc^j8X8PhCTD._PlZ[C[-kX-DQbmZ
.doubleclick.net/	1970-01-20 20:35:34	Name: APC Value: AfxxVi67d2I1ZMYrTaVoS8k4Yn3tTp5AyRmoZhAhvF1lhHingpA0kQ
.doubleclick.net/	1970-01-20 16:59:34	Name: ar_debug Value: 1
.desidime.com/	1970-01-21 01:37:58	Name: __gads Value: ID=d204268bcef06e00:T=1700182358:RT=1700182358:S=ALNI_Mafv5k5i83a3X26xXg6mfeFm5p9UA
.desidime.com/	1970-01-21 01:37:58	Name: __gpi Value: UID=00000cca2c3dcc0d:T=1700182358:RT=1700182358:S=ALNI_Mb2cXa1xVqijEdBadKB5NtN8tSwrQ
.redintelligence.net/	1970-01-20 18:25:58	Name: 8lcfmzhxc8d6_uid Value: da1305feae7554d1
.demdex.net/	1970-01-20 20:35:34	Name: demdex Value: 83956288033550691791093869665667106849
.samsung-germany.demdex.net/	1970-01-20 20:35:34	Name: samsung-germany Value: 83956288033550691791093869665667106849
.awin1.com/	1970-01-20 16:26:27	Name: awpv11601 Value: 113440\|1700182361\|9caf97a0-84e3-11ee-819e-22341370d01f
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
pfa.levexis.com/	1970-01-21 01:52:22	Name: uuid Value: 491f0e05-425e-4e28-8afd-f40a0f54685f
pfa.levexis.com/	1970-01-21 01:52:22	Name: ENS_AES Value: %7B%22lclt%22%3Anull%2C%22lcot%22%3Anull%7D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: sjbg1plrzm2rdyxetcqsewn2
pb.media01.eu/	1970-01-21 01:52:22	Name: DTU Value: 2959593C4467B6A980578CEEB987A04F
.office-partner.de/	1970-01-21 01:52:22	Name: source Value: {"webgains_webgains":{"timestamp":1700182361917,"clickCookie":false}}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.desidime.com/ Message: Access to font at 'https://cdn5.desidime.com/fonts/v10/icoparity.woff2' from origin 'https://www.desidime.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn5.desidime.com/fonts/v10/icoparity.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPrRk0mpP6pAP2pqHAIwJDk&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
accounts.google.com
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
ampcid.google.com
ampcid.google.de
analytics.twitter.com
analytics.webgains.io
api.webgains.io
cdn.mouseflow.com
cdn.onesignal.com
cdn.track.production.webgains.team
cdn0.desidime.com
cdn1.desidime.com
cdn2.desidime.com
cdn3.desidime.com
cdn5.desidime.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f8c99a92ef37ef61794b10ba6aa39024.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
m.exactag.com
medialead.de
onesignal.com
pagead2.googlesyndication.com
pb.media01.eu
pfa.levexis.com
portal.o2online.de
pv.medialead.de
region1.analytics.google.com
rtb-csync.smartadserver.com
s0.2mdn.net
samsung-germany.demdex.net
securepubads.g.doubleclick.net
static.ads-twitter.com
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.co
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.desidime.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cdn5.desidime.com
sync.search.spotxchange.com
104.18.36.155
104.22.9.132
104.244.42.197
104.244.42.3
13.224.103.78
138.201.63.157
138.201.84.245
141.101.90.98
142.250.186.134
142.250.186.70
142.250.186.98
145.239.193.130
146.75.120.157
172.217.23.98
172.67.8.250
18.130.85.236
18.165.183.114
18.170.173.249
185.86.139.102
185.89.210.141
2001:4860:4802:32::36
23.212.218.19
23.52.123.144
2600:1f13:800:7782:6a85:112b:3363:fed8
2600:9000:223f:2a00:8:48e:53c0:93a1
2606:4700::6810:3865
2606:4700::6812:1a32
2606:4700::6812:d63b
2a00:1450:4001:800::2006
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:806::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a0b:4d07:102::1
3.124.119.57
3.75.62.37
34.248.171.95
35.244.159.8
52.209.24.113
85.14.248.91
88.198.250.30
94.23.99.218
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0484e55dd56acdbcfbe08673ff2f10adfd9779a870d15d422c78ca0bfa97c0cd
0a4146be7601bc054f4bbc227144920bce55cfaab82bf3dc3e0358ff10dfe2d5
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd177d3c2f0f0d1f0c7f49ea67ebad23fc89a72749bad97b097f0ad49d1125d
0e22e6a4c1770831466a702ad01381d6e8ad3facca6587e0f70bd4fe77679b00
0f61bca281d4dc1ac70c21fb71708e39da7947085ef38868e92e7b37ab0f3db9
1214bebfe8e7a88c8fcaa15e5e4e1901b3f0cf02cbcea201cca084ef407ca15e
122295d06d05eca5b2b050d5aff37fafe1aade529134adcb2d8712daf91d5966
12356035dc2252194e136f03de5c8c877afbd6184e17aa8953aa9a444a1b7117
123a18ced0126b3adc21a3c10ce9a703a15f54279d66b7fa41806b36c24de51e
170f20cb6368dbdb0080a957887bfe920952d3c26bdbf4be8bb03087351c7285
181168367c31e81b46f326e9a846fea75b8009696720bb5ce21a5dfdea0eb97a
18bd5cb25f5dbedc0e45cda3522fa44fc2b4b457118c2835bd9379a493be3447
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1aef236df72707aaf315929934f96ed3a673341d9f8b94a9f8df5dd332d83790
1aff22408cc764f30bb9dfa1b72fc4c5582a2b215566d4f4de8d6d71ce1a299e
1b78788085dca5634d2adc737b9b87d59e8d12436370e9039fcede1a8ba6340f
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ca0369c02ea8a5993fd01fdc2c747fab4bd20b4f493fbc7c0d359bdafd3ea46
1ea80ca7d6ff578073f6ebbc727d5827e637c57c3e197bd5fb7b9ed1cf905b25
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2519d7573fb6aec9094fce2df8d65667ee21a320e4e2dc38421f886030e5cc32
2600c28c1407c51684f7808159828b92e7050c2660bc052a7ace09c494620fb2
2644c155d628c4cb3a74a453ca96abb2b3d2d0fb905f157ead740ba81c9c2444
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2882a3a7dc6b58a10a3f54f8512a5eaa9eb2c4c6229c5daa2006f2b057151601
2b2f7f1c338d9cfc066645bb2fafe534f6bc4be24d7fdb86ee6a1fbd86337365
2b8b6a1991b007efcd90c77cf93e5df068fcb69ac1372a506de7a955b230c50b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e586953557f70e6b97c355dfe44acfa8e02f2cab0aa2fa8d0bb5fcc24c26f31
2f8f08f713f357f3cf101f08af262416975e8d778cdcb262061d7fa41c34eede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31f33d7dc81d45fcc265b717b05aca528f4d14870f29ba0b1bd390021ca90eb0
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39ae507d06f2f0653e02a7ad15bdf40e2f3a024421c93c04abf3cbc0ee7e8fe4
3b351d6c02f7062e6ffe712735163b292db9785ca9bfd01b4ebbd731818938e9
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c6f2f0602a218e0c6d67f9212c4c73094d8cc03e0883f25259bbb821c926745
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f04461f04df05180cd8855bc4224485d90fa002e0da6303d237e2f4eb793a7
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44b91b10b2cfa813b7e4fa606b97f3f5dc9001f60a13f1fe37e80e0a0f36c1b9
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45b67352845c1c11bd4ae5577507951ce19f5100dadd1df06ecb795fa3e5e8fc
45cea81714378531a09b7f186300e58c53b0129dd3ca81af9514f1b7c3722ace
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48ad06533594760646e42b3c1946b49dc45615fb56b509763ea10528de1ea872
4ad70cb392f2d2da53d461b0e286430839561e79312b1b3f8e31359954578b15
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e79e8f5b66383e7d3a9735262c21fd4783cd36cecc7d32509a1f84b5e255ec5
4f86581e83f2f712d67b67af71624a8d8ac7c86743c4df97fa4b0d51d6f1c26e
4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171
50f0a9707b62fd19050b9d2029c3d33ca34e506bf476ad1a877018ad1b159e2f
5103c6e3cad2dc3269fe30519c05e868a92a957d891fe2cb05ee0c0b69abd120
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
51c560304e2262a88e2ad9a67b526271c2cdf6fceae5b647fb6d72739de7148e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5544b13271c71ed2fe0216627c1082366d80d3b131264c846d68bfddd47127ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
58b393e1b1617b67ab1a2c8f86108066299e7786c59f7863da7c0b6fb22400bf
592331e4c972272f84ce4e2bb725e38e96ce4f12765371b052c10465d02d52a8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f76ff344231f1a9c4ac3212c54421538baef2c336ae4e6ba6960e4a1610eb3d
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62c5773b764311099c260f755f2c261e257446146f69ce0900f8b3dd80f7b464
635eeece7a9de9e53d655459f7181a5318274067b86838d54de661c0c73680dd
65df48504f4be49375488aaaad2d7ef37e921d15dd4a49d60354746de8a730df
686f616dbb9b491667dd4f1d4e651581e23d5c53c2c846a6260f0e05eb413f80
69d853478913b87486f2bd67a8021cc580c949cf12888e5414f012e7de7df7a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6fd0ae3a7539986b2ee579954d1a6a2594d1da7e4444f0222c80781e03c23586
70dc140203ee87c1464d4605fe9c84fd642f5d88b596f9f827a50b39174da77c
71780b4999860da61ba24f4ba4a3b4e9693ad476bdd0245923856678246a4ff2
72a48e8e7027b2fed15398d0944e5a5eb48be2f4d49380977ab0dd3a2aee5a83
74f45083668045fb35cc0abb1c1a405be4091a7e8f9c4ba3aca4b8df0b1ef8b4
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b
77b725499a324567d3561c93b89b3b48a1e63166ea60f22a13e2e2e1178c4d59
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79dd53057726b936a1a09830544378d4cb92c4af2832e0ada32e7af918a62ec9
7e47cc7f7eaff0ada95459a7290a5cb4d311b790cd1a248d2d5ef940cad12ea1
7e775f060fd0cc0ebd3685f71c0f6a5ab9c90760a2872cfba7f5dd9c42a5a539
823ddbc122029000373fb3421d593afed85912ef625063845ec81dc4becfdb7f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84eab0b8cfc6bee99cbc07957869496eb78d2f3af739da983f5d92f7f42aba16
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
8952ec6e15d83dd3b0eab7e670ec0df8635b7b2c748ff47916ca9d11db8b0a17
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90328f655c6f9992400de8c0a659ccc9cf873167e8270281dcfc96e2bacd9f5e
919d6893949c8c16f093a55e913a5b3c1df18dfb5c48fd1591c69056625f6169
92874e204ffdc7db96ca68a9af9dc4b23816f0c97e85f0130452aa605a43227d
92dc0726c8310695584ef0989db65ef2cb1d0829776d88752b8d01c5dcf430d5
947ab94f87a0aaed3d91c687869f43276efe65d58c5115684cf8d2ee98ad6afb
95c2579c1d9bb249b77e4ac802500f37e4834e328c0ebc59f0dd125b5743555e
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b9863d076cd8cd43ff307a7260e1a5bd5e9bd2a375ef03fdd284f624c4578d2
9ca3e5fda9906aad4ef255bcccd1b2003eb8ff38ed5321deccd075a3fd623d1e
9f4a29ef4b8846abfcc50cbd52d656b03372863814ddf052dddee0ba79d8a113
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06e9c65ff96b8e99a1ee481428c0ce1ed09042bf8b010e8c6b96027a29a087b
a6853889195694e1de574634b798195d4d3ac8481dc33194084053c7f8ac75ab
a6909ce80dc8ae239cb392f85b7e99f3efb81c85060b396b2d45029a9ddbff79
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a962170e2fdadf93e36953667208d2a7d6a5957a06ff37106fef3a36cf9f1394
aa101fa1ea11969bcac00d582508a2382d7aefe1783e57f2e8cd28a0218b7a2c
aa73adf7bdf81de1d5ea4fe541f1edb22b0f2b3933e435a57afaceaefbbf2e8b
ab6cb04a54a12563b9c79bd73552c68f885e64163a82575398dc2715faca7c35
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc1857923a0e82a804397d5f38a2286149aa94ea019f142e6a36fe59026c60e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefa8d9159ef6a12a8aca0b453e83abbc11b6269fb936d8c3759676eff95d19c
afac2763540bda716fa9ce365c1786692f62b0ad0e8f212c72691792de10e9da
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0256594ae9dcfaa58023e80f3db91403cfe41220ad5427256be45c9e4df73f5
b09240b4428831f1e61c9516508103d4777648f2708003045bec2cab3fc06af1
b101e314b347ed332cb78c798dc6832e7c3405bb3a9e921e6674f103ae4a0d95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71eddb64edab08c418f04d49c88312ddb35aa052c4135b708a1cb9d72869853
b78f5727816ce8d5f78fb1b17840749e92b3ad37851976810e832047b22688bd
bb26f37f705a8d60ef5f1c38943f03016da40df5659b0c439e27dbb624071a18
bdbbbbddff674efe2df47d4b4ac65614bfad6605a248a9e09f5607841914c933
bde1aec3e3ca9697f7042f25a0295913bacb5c1cdbdb51c98faf5145d152d13e
bdf2f23e78a4e8fe23e638fb7768111ddca56c2f34393a205b61cbe33ecab389
beb00bdb9cbcab1ef9208b676e6ef39354940886d39cd4c351be25bff9467f4b
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c1e1e074995ea62b5d9c6352186b7fcb4551c21886f6b229bffaca3f0d12e0de
c2001b38a2e30ae1890e7a861ae27f53691ff6629c23e7f58af78d58886a6c16
c3dd3a49b2693a35918b39fd2910af5d34fa954d22f256a624210896a2363e25
c40e051944d94ffaaccff2e8ac17ea029dd5db43666bc7d9ba8a47a350f0b430
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2f6c397b2c8bc2ffe3a7f98875347fd37f44f8297f60b1f961123846cad866
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3a1770a2192e0f92fd84242e190c2c00699490f69534fd86774b5e7ea01ab0
ceeb6cf1573d2c74f301aa48a1f4de4f9b8498c6d805d198d09eed932d760111
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d06f62f8bc116cc95e614a6385bad91054f7bc48df9e28786c9570856ade7be8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c9d96b3aac2c66871912b318c62fdee48f1acd88399208b3d18d61d70dbeea
d59bcc344c3607056fb97c1c93e5e77c2e6564240bf94b4bc54e4e6fb5927eb6
d67188c4928aec07e09fad682e5e3ee71bad29342e5559ad8e952b9048d53fe4
d677de3ca73bea34b10dc238642bdbeb1a05e5e4aeacbb1aac3eb050612a1e92
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
ddebd3a7704ae84613f79a37c67261a5b25aaa0a9774263baa3b1320a92af0ea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea665148650bc173310c89b4f3526f99e799471a6f56928f7ae6f357cb0b22c
e0009ad7a1675224dfca568757792039f0ede9f6a555affc0bc019257611d6e1
e228703387f214989b7598cdb704b5f8a77d9ebdb73d5cfe5de845286a46538c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4e0383ed4c74095a430a00a7c52db5995c243b3b3c99b33e16b750737d56cc9
e7bf430b34c204a62f05ea0d6650381a3a5051d7d3c5e746d552ec2730f64c9c
eb56e286805b45e6aef11a726fb248c5f1a2c0b64ba84d96411edc1596a10570
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0502935bde868fba51465b4526d98494bb34dcdccc394e90debe3df534adb2
ee19343ddab645d1b2a9fb02d67b2e4568f25d2fc892b2c5453cc74870436418
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d2fd0848dcad0a53cd8d2d3f176033339b95c1176867ec80924ae5ade7cf17
f1e627b45613aaafc2dbf20a8f619a9b19b7887fac9587531f49941f0b4d71b6
f1f024aea71a13c24008447791866ec4f4bf16fd7dd9b359c91ba7559b5e0248
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f433b67e85c07424ed3119ac4b1af84764d64d3802433990f7b40c31e366624d
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
fc46de5e90fa13ea39f79f4a286dbfa0d6cb2dbca160ef97ecb2dac3445a83c5
fc5d039a85d79c67d60d3ae23e78432165e6e2fd3cf200241dfb6829355cc376

www.desidime.com Open in urlscan Pro 104.22.9.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

337 Requests

95 %HTTPS

48 %IPv6

39 Domains

64 Subdomains

57 IPs

8 Countries

5700 kBTransfer

13664 kBSize

38 Cookies

11 Outgoing links

Page URL History

Redirected requests

337 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.desidime.com Open in urlscan Pro
104.22.9.132 Public Scan

Screenshot
Live screenshot

Full Image

337
Requests

95 %
HTTPS

48 %
IPv6

39
Domains

64
Subdomains

57
IPs

8
Countries

5700 kB
Transfer

13664 kB
Size

38
Cookies

337 HTTP transactions
7 data transactions