lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.lookbook.nu/gluely
Effective URL:
https://lookbook.nu/gluely
Submission: On August 26 via manual (August 26th 2022, 9:25:13 am UTC) from IN — Scanned from DE

Summary HTTP 137 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 25 domains to perform 137 HTTP transactions. The main IP is 2606:4700:3034::6815:48a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookbook.nu. The Cisco Umbrella rank of the primary domain is 350582.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 28th 2021. Valid for: a year.

This is the only time lookbook.nu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3034::6815:48a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:20:... 2606:4700:20::681a:112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:f200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:f600:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:583::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
3	213.254.244.107 213.254.244.107	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
137	36

2 2606:4700:3034::6815:48a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.lookbook.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lookbook.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:112 (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wasabi-files.lbstatic.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:f600:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:583::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.107 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	243 KB
24	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 108 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303 ad.doubleclick.net — Cisco Umbrella Rank: 206	242 KB
20	lbstatic.nu lbstatic.nu — Cisco Umbrella Rank: 747307 wasabi-files.lbstatic.nu — Cisco Umbrella Rank: 897671	1 MB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	107 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	187 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 44819 hal900014.redintelligence.net — Cisco Umbrella Rank: 311366	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	4 KB
5	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 471 rtb0.doubleverify.com — Cisco Umbrella Rank: 666 rtbc-frc.doubleverify.com — Cisco Umbrella Rank: 16961	24 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1030	688 B
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	644 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 304	45 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	26 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	88 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 14679 pixel.quantserve.com — Cisco Umbrella Rank: 458	11 KB
2	lookbook.nu 1 redirects app.lookbook.nu — Cisco Umbrella Rank: 982669 lookbook.nu — Cisco Umbrella Rank: 350582	10 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 86408	52 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 277114	548 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	691 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286	33 KB
137	25

	Domain	Requested by
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
17	lbstatic.nu	lookbook.nu lbstatic.nu
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
6	s0.2mdn.net	lookbook.nu s0.2mdn.net srcdoc c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com lookbook.nu
6	www.googletagservices.com	lookbook.nu c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	hal900014.redintelligence.net	1 redirects c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com hal900014.redintelligence.net
4	googleads4.g.doubleclick.net	lookbook.nu ad.doubleclick.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
4	c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	lookbook.nu c.amazon-adsystem.com
3	wasabi-files.lbstatic.nu	lookbook.nu
2	cdnjs.cloudflare.com	srcdoc
2	rtbc-frc.doubleverify.com	cdn.doubleverify.com
2	cdn.doubleverify.com	c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com cdn.doubleverify.com
2	sb.scorecardresearch.com	lookbook.nu
2	www.google-analytics.com	lookbook.nu
2	connect.facebook.net	lookbook.nu connect.facebook.net
1	cdn.contentspread.net	hal900014.redintelligence.net
1	ad.doubleclick.net	www.googletagservices.com
1	hal9000.redintelligence.net	c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	pixel.quantserve.com	lookbook.nu
1	pxl.qccerttest.com	lookbook.nu
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	lookbook.nu
1	ajax.googleapis.com	lookbook.nu
1	lookbook.nu
1	app.lookbook.nu	1 redirects
137	39

This site contains links to these domains. Also see Links.

Domain
gluepens.wordpress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-28` - `2022-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
contentspread.net R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://lookbook.nu/gluely
Frame ID: CF93083BE62B428DFEF36FD1ED139846
Requests: 48 HTTP requests in this frame

Frame: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C33DB4C9EDCD9BDF29821EAC7A364967
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F12CE39609F4E2B1D7761F064D33942
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5286E8937C27D9CA248416A7BDBC3748
Requests: 2 HTTP requests in this frame

Frame: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA947F9A3A5E2F6351B4937645A23168
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGJO5i8wBMAE&v=APEucNWqdqMdTjSYZhSvER22q2ZJh4j_qRK_uaWSUcfXdPupnyziIYBBKldU8ry8BuPhc5u9vzCgPJ3Mj_rhT5VKSD5uPfNklzjeoHctODHpguIsUcP4De-WkfMIZQphXDeuUh2k9z5pIK5H68y01S9dGvuNijFDoIpHru_RIhvUVHBFb_4CgaU
Frame ID: AEE61F339AFF2F5A0E7D03973922FB73
Requests: 5 HTTP requests in this frame

Frame: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D9EDBD9BD7E446F26CCB7C2B61BA7ED1
Requests: 15 HTTP requests in this frame

Frame: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9850C6AD18F5EDF76C4C3792B5AC5C6B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY
Frame ID: 041FFE5F46B65726AF58484D0347DAF6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw
Frame ID: DCD66938ADF0F4D0D03A33D2749B261A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87DDC787DA2AC9F0C06FDD8301221F01
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57CA4F11F1E94205B9A2E9F556B3201C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F1B441F2086C0BC59AE6EF022EB7C15
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/762292649258806589/index.html
Frame ID: A27BB644A844BED9176AC240B643DDD2
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Frame ID: F68E389CD639C468D6F395D3E529E71A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68956E08C1967FA99AB97747FF8C4CFF
Requests: 3 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=53099100055973800710616012063014&a=bc9eac12
Frame ID: 65A8C60F7AFFEFB13C8C52F4803BC37F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gluely (@gluely) | Lookbook

Page URL History Show full URLs

https://app.lookbook.nu/gluely HTTP 302
https://lookbook.nu/gluely Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

93 %
HTTPS

60 %
IPv6

25
Domains

39
Subdomains

36
IPs

4
Countries

2198 kB
Transfer

4897 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://gluepens.wordpress.com/
Title: gluepens.wordpress.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.lookbook.nu/gluely HTTP 302
https://lookbook.nu/gluely Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1&C=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwiRcxGkxK0Mt-aBjGaxSQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECRShO-e44RznVZmUQIY_TU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRShO-e44RznVZmUQIY_TU%26google_cver%3D1

Request Chain 66

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MzU2MDM3NzcyMjgyMTkzOQ%3D%3D

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1

Request Chain 110

https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=3594412255407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=3594412255407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

137 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gluely Show response
lookbook.nu/
Redirect Chain

https://app.lookbook.nu/gluely
https://lookbook.nu/gluely

30 KB
9 KB

649ms
639ms

Document
text/html

2606:4700:3034::6815:48a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:48a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8806b8ef2df0ecf4444f18ff0dc4726abddab2952fd08201ce5781af445f20b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=14400, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 740b84a65b6e5a07-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 26 Aug 2022 09:25:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1%2FQQzqzC0nYy8OJMedsApVeCb8SYtHWmBV%2BlH%2FuBvpUQC8Wt%2BokKZucj05qMPLq7TSyS09pAt0Br0%2FwMJNqAhdjj9RUuB%2F6OJ9ptJsO8GOxhbTumJZ5vr6%2Bw%2BmheLCm9jAmfO1W1MSe3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-rack-cache: miss
x-request-id: fefad5a5adfb8cb8074093dfef68b645
x-runtime: 0.093503
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 740b84a2ac7c5a07-MXP
content-type: text/html; charset=utf-8
date: Fri, 26 Aug 2022 09:25:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://lookbook.nu/gluely
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqqBtaI5g667VUDo6OoTz1kUeb0thTxEQl90vbcTq79rfaltjqTVTerza%2BWiWV7M4IBgwhcDYQQLlILfKaAcwjfFjWI%2Byogob%2BtdkzsegQaKscuLr3bTVloRT%2FkR3Iar5d0%2FEAyD4tRQIW0sImg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-rack-cache: miss
x-request-id: 59fe63163ea0657f6c572a6917919ee6
x-runtime: 0.042927
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 application-e4fe603c2b70ce160ad7d335edb27021.css
lbstatic.nu/assets/ 575 KB
77 KB 117ms
43ms Stylesheet
text/css 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 1916
etag: W/"628c3598-8fa63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNzgKhFzvjDl4fhxp4O0sJxEqt8j7hh53KT8NvMiVyJjnSJkNuR1DeBr3JU6wFsMMGcpd1UtIQvGsW3j1MnSdA08DrydSXwnmwRIe6dAKxEfP4Cqe5HX6BsmfWJS7PAl5%2FkQjQ1Z5piH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84aadc943763-MXP

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 58ms
18ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 23:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 23:10:07 GMT

GET
H2 200 application-7b818775488356777838903bd9f8728f.js Show response
lbstatic.nu/assets/ 556 KB
158 KB 141ms
68ms Script
application/javascript 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/application-7b818775488356777838903bd9f8728f.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd4bc601b2d6cdd261ca5f70037aaefd1766fee638771a12fb8aeb1854e3d76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 1916
etag: W/"628c3598-8b177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCEPoLOui3XZDn3X%2FSrztll%2BEG0RSVvKexK%2F79GBkbDjoIAnhpWme0UCJ5%2BzF1AJo9JJ%2BO9oOb6aEV3xYC0Fxtq4ANDkFm4MIQiXe79uYsZ6Ww3GHScaTy7YlJthWAoVu9LyuWxRG5mK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84aadc963763-MXP

GET
H2 200 application-d09c4e65376710846df00b38a9418a27.js Show response
lbstatic.nu/assets/moo/ 91 KB
25 KB 110ms
38ms Script
application/javascript 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/moo/application-d09c4e65376710846df00b38a9418a27.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553678e59fceeacafd5154462c78076454ba407aa61ad43bb7d3537f7145998a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 1916
etag: W/"628c3598-16a8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye%2BBtmYdEBWXn7MWE%2Fa0eEywKDjo5YK7j81t8N4I1p8t%2F4KeiZwHobDZQahd25TcP1HBrKbUuTR1X2MSdv4oyITSBYF0uM5c6mEanblaNQt7hQe%2FzZE5zMSv0phpgvujjpOX5GFv0zCx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84aadc973763-MXP

GET
H2 200 prox-new-6f58470807ac660d8f50fe544c823bba.png
lbstatic.nu/assets/logos/ 953 B
1 KB 36ms
36ms Image
image/png 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/logos/prox-new-6f58470807ac660d8f50fe544c823bba.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2226
content-length: 953
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-3b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4bZ3gHxi9E%2FCFUXMj4nDioCMe8HqoTNMIRyxAY2vTsIb7bJzA8vHbfnNT6AAKOJlw4WKfrlWhcric55cTPDwFmo05Cv7VrH3ZSMRGMBM%2FShtAaNz2eeiSIlti7qnyzkmBz%2FuuU50Wgf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84ab8d8a3763-MXP

GET
H2 200 more-0b061e84918c4f68f8a0aad60ae58625.png
lbstatic.nu/assets/header/icons/ 19 KB
20 KB 33ms
29ms Image
image/png 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/header/icons/more-0b061e84918c4f68f8a0aad60ae58625.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916
content-length: 19662
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-4cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVeyBprvIsexEJrSShicms14Zn65eptcBRuATXI8M0YLAD9UQe4%2FMp3XiRS6MsNzsx1TpwM9ae59fv4P2bZ9ajzdF2zDxlgSe5YY%2FMCIboQQIMK7%2FpK3jfuS25MbYM7NOC07r5G6S9Wd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abcdde3763-MXP

GET
H2 200 maddi-mcfarland-3d87c16fba91bc958daaf56e821a24af.jpg
lbstatic.nu/assets/cover-photos/ 377 KB
378 KB 35ms
32ms Image
image/jpeg 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/cover-photos/maddi-mcfarland-3d87c16fba91bc958daaf56e821a24af.jpg
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f729aa0990fac5800957361e16e26df552f0332b142c509cb9d170c37c195c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 925
content-length: 386003
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-5e3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTdyJ5CZJkDmvNpkSSVTnuV7eDuLeUfSAyrlzW74wc0pycme%2FuHYrkheO1VDcrDggVCPn3IiiKH1HN0IOriLvzzjQ640vACI9dxZuALaHMnBoP3yKmwToKTnz4Sqy3WS4sA26lgLzirv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abcde13763-MXP
cf-bgj: h2pri

GET
H2 200 guy.gif
lbstatic.nu/assets/ 580 B
1 KB 34ms
32ms Image
image/gif 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/guy.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 925
content-length: 580
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vykDWckWxszVOkcz10gywx%2FPXE6XD7reszd6oLBZIebLMWDkZ9S%2FIiim2cR8hQe3F7xuPyfu3yoxMvCzyrCOJVtU%2Bk0VyUfR%2FbcqcKXAYbzGnvqSUqz9eItVFheQsvS98asDiKviDgY8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abcde23763-MXP

GET
H2 200 ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
lbstatic.nu/assets/ 3 KB
3 KB 34ms
31ms Image
image/gif 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-big-0d4c0c710c24223145d172f44db328d0.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4373
content-length: 2608
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgknmjBHce%2F5BjnwZJarnaITQS9FoHiRXSDgKhE7ql5MFCk9pBwC0SM%2FqPrYbmFzHe4I4CwTIIUHTsw13KIae7yYMWiZ5WAXK%2F6Zx6TpM%2BsDzJy6OqjyhFuKiP5iL6klldY7NZmNOwcC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abcde33763-MXP

GET
H2 200 ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
lbstatic.nu/assets/ 723 B
1 KB 33ms
30ms Image
image/gif 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/ajax-loader-fb-4fbe973b96349c727a1d97957527acc3.gif
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1915
content-length: 723
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ00pXGjTbGbHLWhj6FBcfKpM%2Bk4pTn6nv9IKv26tue2EaF5OglJInhT%2F33rQOWnBs5XqOJaI5ZxeLh2Ti7JTKGZ4su8ukqv6g03UEQrdKUxRSBpl47fkImXdH4YPzVeVejxyQaCjufI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abcde43763-MXP

GET
H2 200 1751167_IMG_9627.jpg
wasabi-files.lbstatic.nu/files/users/small/ 4 KB
5 KB 49ms
37ms Image
image/jpeg 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wasabi-files.lbstatic.nu/files/users/small/1751167_IMG_9627.jpg?1541770976
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 496634f73cc1855a47222991cb85231e6d2777d5d0d76fd9db919715f608747c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19302
cf-ray: 740b84abddf63763-MXP
content-length: 4294
x-amz-id-2: 6rT1gDA38cC1f4k0UlalnT92OdS8hYOyu5H2Z+ilcxYVMjwTo43tJtzWoyZNhQMl22ckFMtBw3eZ
last-modified: Sat, 04 Jul 2020 23:04:54 GMT
server: cloudflare
etag: "5a7777b1806716e8065408b940f1cc61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id7zEPh3p0nLIu7oVWf8zuwRbAnSayRTrx9BEF1pLQxhyNPZnHcrDso8JEu5FQdN0vvhewhyHd0uM0Yla2XxdneSbnoOnKZJ1j5lc0kuWDiXHdvK1EgEOYV5GZ1%2BiBCFxvz8m%2FBarry4RBKHSmAWEZFKWnj13A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AC92662DC7DC6C93
cache-control: max-age=1382400
x-amz-version-id: 001593903893914117474-k7q279hB_Y
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 3872288_image.jpg
wasabi-files.lbstatic.nu/files/users/small/ 4 KB
5 KB 48ms
36ms Image
image/jpeg 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wasabi-files.lbstatic.nu/files/users/small/3872288_image.jpg?1647908178
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c665a5e17360f559684cfd5a667d02cffd0d414e798418df0d4289ff98a5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138438
cf-ray: 740b84abddf43763-MXP
content-length: 4244
x-amz-id-2: MQ8wnCR38x1t9fE9Mc0KOUE8LTRHG2BbsDncPZaVneP304Fqhya8OzY9wB8b3OaS6Oig5VEk08eu
last-modified: Mon, 25 Jul 2022 05:09:28 GMT
server: cloudflare
etag: "98102661d4c8b0441bcbf09707b0cf81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p733hakeXyqU%2ButJcW9lDFWm2Tn0gVz%2FLFvvLyqt0YHz8HXiKshrBiVVOUoA0sQ13e1VzTulM4jhYLcC7oY%2B10tV%2BM0EgpwJCd40ZT1BD4CZrJM7VpDKXhLgN8lReb64SC7ko3FB7hDvtECrJMKpojHw9APYqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: A7F506774F67992E
cache-control: max-age=1382400
x-amz-version-id: 001658725768359602450-7Z8oejlC3G
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 5272244_image.jpg
wasabi-files.lbstatic.nu/files/users/small/ 4 KB
4 KB 53ms
41ms Image
image/jpeg 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wasabi-files.lbstatic.nu/files/users/small/5272244_image.jpg?1657148385
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5080a86288dc83628bab210ca5e067556e1bbe79ac0f36de8fd8f18847f23a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138518
cf-ray: 740b84abddf83763-MXP
content-length: 3844
x-amz-id-2: Jn8JzQDsOtDZH68z0sWkxvieMdb7Et2OVblO4p7Ou0N7YygCzKuvVr1ccXNcngEmPvYK7TwXwtfO
last-modified: Mon, 25 Jul 2022 05:06:20 GMT
server: cloudflare
etag: "798ac15a18b1a5f8f59be468bb9f2aee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp%2BT8a0OdyGYzsJgRCeUO%2BG8aLdeFw6%2BuHJA9K%2F5jlYp7zQLvfK7iQ56%2FPhkGesy58J464vM0ZpLLQ9YMIN8GfquFYJto3f2M0K201FB9oYjypQTd2ME4u5G60Hi20wwMcM6nsctyFkY50gnLzqyVSfm1cb4IA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 44855128D2E5B8A7
cache-control: max-age=1382400
x-amz-version-id: 001658725580239178783-F5YERBrMD9
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
lbstatic.nu/assets/icons/ 686 B
743 B 39ms
38ms Image
image/svg+xml 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/icons/arrow-up-white-5b97dd7bb071edf6b965bf452cda9fc2.svg
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 5641
etag: W/"628c3598-2ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlXFVUCCxcup7zJuhGjRmmWCMu05ARVpJJi2m2%2B%2FDMbQLT1IZfQvwdrm9kHp4TTq%2BClogCNWyo8%2FJkr3vCAfFKIVymvxh7NIKXHMS1o5Xt8f4r7L0wsz1%2BNMnfjehT01YaF9SEDCtAxm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84abcde53763-MXP

GET
H2 200 quant.js Show response
edge.quantserve.com/ 26 KB
10 KB 59ms
16ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: gzip
etag: "TFjIU174W8I7nbu1DVEZpA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 02 Sep 2022 09:25:06 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 127ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

917558021675c8b39c6a2e6eabeac00558ecdf7c2c3f7c0cb9ded7fc3a45dddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28473
x-xss-protection: 0
server: sffe
etag: "1314 / 753 of 1000 / last-modified: 1661465245"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Aug 2022 09:25:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 74ms
18ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 26 Aug 2022 08:35:22 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 2985
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: PG8n95sIKKpPWxf85imQw3xR_OU5wY04x0EdG8soghbpC4aMTF_qsQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 60ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33ba9b42ab037d3a52b2b76314ba3b641a70114b7e955dc90e490267bfe85d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LQ6K32E6zzirV5DtVKuRWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: uKMWin4yHO3RrnCMOg6SuCxei89T/Ffi/ZOAc/7CjIAfK9BnKggfh9vRviP6k4b0S0pEPoU6U7iNd9LUPG5H0A==
x-fb-trip-id: 686109401
x-fb-content-md5: ea313e292f2641973f205d72268c5ad3
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Aug 2022 09:25:06 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661505872123
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "be961b3f2da850729059579cdd940d26"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 26 Aug 2022 09:44:32 GMT

GET
H2 200 ProximaNova-Regular.woff
lbstatic.nu/assets/ 85 KB
86 KB 126ms
72ms Font
application/font-woff 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Regular.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 2223
etag: W/"628c3598-155b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2Oz9ks4I7nT2bl5khwrAircnm0%2BBcpWmlMPojTMco60cWLoTZsUEDbs6PRSvjRJfHM6xEQ3aAh4pl3Oc%2Fec1rnUPMEci8Yvsk5oNC7iwbCwg5bfu2dTdvHw1w1qI9%2FlPy%2BYgPLBxuhl"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84ac3ffa83b2-MXP

GET
H2 200 new_sprite.png
lbstatic.nu/assets/ 26 KB
26 KB 32ms
31ms Image
image/png 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/new_sprite.png?cb=9
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4373
content-length: 26481
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-6771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXZVvypiYZB%2BKgaxl9ThDsKqm3%2BLSjh%2FdkxlJe6ved0P8LaymsCrs4F76UmFPKVmMegNsk8Gf9OqvY8ShUQ3gh0cGSPuZu%2BRCLXa1lSl9UcFSkI%2FddBHmeyD4DqoFYYaM9ABEKxFAD5j"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84abee203763-MXP

GET
H2 200 ProximaNova-Bold.woff
lbstatic.nu/assets/ 76 KB
76 KB 149ms
100ms Font
application/font-woff 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Bold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 2223
etag: W/"628c3598-12e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zubLK8iMPBpqXSeE%2FGjrb2TrWg5VSUvsPGXAcmOlbSF9l4gVDkxjEdMLzyActKIAAv1kT0mVIkixgelwr2exRneKQgDsFnkXat%2FxUNe83nl9z8ZuHU2QQKLvs%2FCL4zIIM4JuJ0eiXuw4"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84ac3ffd83b2-MXP

GET
H2 200 fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2
lbstatic.nu/assets/ 55 KB
56 KB 147ms
99ms Font
application/octet-stream 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2?v=4.3.0
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2223
content-length: 56780
last-modified: Sun, 15 Jul 2018 18:53:39 GMT
server: cloudflare
etag: "5b4b9833-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN5%2BsdulRLh9Z4Nxpq%2FVtQPEKJ9Q7SDx5SiaMOw90IA8ob5nk3ZP5kfbJbsb5fZJtWH2yoYgzPThuxtsqP%2ByhnwP0uUzPF%2FIPApmpwxYZ9KDhDdQRgLFm1kt9CkFCQWBQmUD0hqhUyAQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84ac3fff83b2-MXP

GET
H2 200 ProximaNova-Semibold.woff
lbstatic.nu/assets/ 80 KB
80 KB 148ms
100ms Font
application/font-woff 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Semibold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 2223
etag: W/"628c3598-13e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbqN6%2F3EIBL6rCkcc1alwN0NRHmh9nvzapzuCbv70az%2FkB8WNh%2BTjaBpnT6sLwFgZ4rN1ALKgx9FGsuM9%2FZg2gV8DIafv%2BRsYd4Sdm4FWoq4YCMFsgA9o0RxvsiDpqepsqdSg1hTBBr9"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84ac380283b2-MXP

GET
H2 200 ProximaNova-Light.woff
lbstatic.nu/assets/ 91 KB
90 KB 148ms
100ms Font
application/font-woff 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Light.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 2223
etag: W/"628c3598-16c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDX5LxmMZXLJFmBesdoNHFWbTs8TDf%2BWEpM5TeFea2heA2%2FkgENGAXUxGDhYqLiCDfIpyuXJeJF1ORhEg7b7jqfndT8PAvgvh%2BddX%2FXE66m9g7bL1NiZ1kGuHJ3vulx58tIM4DTg04Hb"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 740b84ac380083b2-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1386
date: Fri, 26 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Aug 2022 11:02:00 GMT

GET
H2 200 rules-p-15_abpQY22gxg.js Show response
rules.quantcount.com/ 209 B
691 B 65ms
15ms Script
application/javascript 2600:9000:2490:f200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-15_abpQY22gxg.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f18603569ccd052775409baed22faf7d0577c3577e812822e1d31f580545fefa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:35:42 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
age: 3066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Mon, 22 Aug 2022 14:06:41 GMT
server: AmazonS3
etag: "a952b857d73c8d9ec8c074944566310f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: rz73jWeFlmzvbVGhIAfCTXrkA8582-OANBW3dJ40sPf4HyyUWH6cIA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 63ms
17ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 03:35:59 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 20947
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: WGaY72ReSgyahO-sFTd80AVrK1ArncShxGdBnxl-B0vObw3WlFKvFg==

GET
H2 200 bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
lbstatic.nu/assets/ 294 B
594 B 35ms
35ms Image
image/png 2606:4700:20::681a:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2223
content-length: 294
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOMaz4HuwSZuJvvPZJ%2FdByRz7zw5uToztxWWsteg0mmr7oAcwvM4INpT5m66ppt%2BajPg3lkX91R7%2FZBBu%2FX%2B2NIR9dkF0BXhfILeWKUZKDq4RBMCsxQGOtstoarxwGGBg2HdOEVDtz7d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 740b84ac7ea93763-MXP

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
86 KB 35ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ed661bbcb31a8f6be9682cc563974647

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba16a08e6b944165271454c9adcebf4d1117a1f74fd8fb97929f11bacd074b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lookbook.nu/
Origin: https://lookbook.nu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UJUp0O7MDOu3tqMYGNWTOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87975
x-fb-rlafr: 0
x-fb-debug: qS4ve/tm12QwVAnQH6nWIR8zXDLCfvzKgxs0cQ1FuG7cqLcgwBhquXatz303BGnK+l9FeWRt6qLPhBPkEd1nAg==
x-fb-content-md5: 1ed8e1ed305455f41de857e30def52ee
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Aug 2022 09:25:06 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661498654045
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bc58deb008f34d74d04cdb09b56d9225"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 26 Aug 2023 07:24:14 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 16ms
16ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flookbook.nu&pubid=32930239-e300-4e84-8205-3dc868716562
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 03:33:58 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
age: 21068
x-cache: Hit from cloudfront
access-control-allow-origin: https://lookbook.nu
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: rCUxi-ub07sk1T3oIvVwx9R4CZ7Yu-cL4oxWN2m9v-YOk63FE48v0g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 60ms
59ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flookbook.nu%2Fgluely&pid=JkRjvh9x5vmGq&cb=0&ws=1600x1200&v=22.8.221912&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1509568888555-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1093101%2Fex_hp_728x90%22%7D%5D&pubid=32930239-e300-4e84-8205-3dc868716562&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 7Z6VHXR1A4BW3GX5M7F4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: owv46qB0GSp0vpliU0xn-1MkVXmA6v8oEde30aqJHCOJpjUedMSilA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 48ms
17ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 51195
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Thu, 25 Aug 2022 19:11:52 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: c9EZ0bEd6D_jOexF7CnJGo30eatqmI5ewjmAngTVB45y9kx9R_SsmA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 99ms
34ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4019432-1&cid=295022171.1661505907&jid=288437774&gjid=589985987&_gid=1332779767.1661505907&_u=YGBAgAABAAAAAE~&z=1846204599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Aug 2022 09:25:06 GMT
content-type: text/plain
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1405834266&t=pageview&_s=1&dl=https%3A%2F%2Flookbook.nu%2Fgluely&dp=%2Fuser%2F10673640&ul=en-us&de=UTF-8&dt=Gluely%20(%40gluely)%20%7C%20Lookbook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=288437774&gjid=589985987&cid=295022171.1661505907&tid=UA-4019432-1&_gid=1332779767.1661505907&cg1=User%20Profiles&z=768294871

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 04:41:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17027
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022082401.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
130 KB 109ms
26ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132170
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Aug 2023 11:14:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 110 B
725 B 142ms
60ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lookbook.nu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fa154aae30700d792a088ec67e9e94878f0947772590d3dd49bb69dcdb1fc3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Fri, 26 Aug 2022 09:25:06 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 18ms
17ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8354559&cs_it=b3&cv=3.8.0.210223&ns__t=1661505906677&ns_c=UTF-8&c7=https%3A%2F%2Flookbook.nu%2Fgluely&c8=Gluely%20(%40gluely)%20%7C%20Lookbook&c9=
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/gluely
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:06 GMT
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: vZrPfpdebl8GYMPQNk-W_rd4IKvLjbssh7SrAq7O-ezUT07_O07eaQ==
x-cache: Miss from cloudfront

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
548 B 86ms
28ms Image
image/gif 2600:9000:223d:f600:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=58270061;fpan=1;fpa=P0-671137736-1661505906680;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=lookbook.nu;dst=0;et=1661505906680;tzo=0;url=https%3A%2F%2Flookbook.nu%2Fgluely;ogl=site_name.Lookbook%2Ctitle.Gluely%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fgluely%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.When%20applied%20with%20glitter%252C%20Art%20Glitter%E2%80%99s%20industrial%20strength%20transparent%20glue%20dr

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 05:55:33 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 9toDl-jbZ5b4FPGoE1cQVR3cJWpwPkr9qbWb-cMUaool7RsaxPMQjQ==

GET
H2 200 pixel;r=1557671407;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fgluely;uht=2;fpan=0;fpa=P0-671137736-1661505906680;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=lookbo...
pixel.quantserve.com/ 35 B
371 B 46ms
29ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1557671407;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fgluely;uht=2;fpan=0;fpa=P0-671137736-1661505906680;pbc=;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=lookbook.nu;dst=0;et=1661505906683;tzo=0;ogl=site_name.Lookbook%2Ctitle.Gluely%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fgluely%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.When%20applied%20with%20glitter%252C%20Art%20Glitter%E2%80%99s%20industrial%20strength%20transparent%20glue%20dr;ses=fd4cf736-c1ef-4c04-b310-55ea57a64e19

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 189ms
121ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=71607949800&input_token&origin=1&redirect_uri=https%3A%2F%2Flookbook.nu%2Fgluely&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ed661bbcb31a8f6be9682cc563974647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: l9lnBjBUTa8/EWyqkSRUkAklSYaYbfrrsMuPlMgIUljo26U5HsfEaaibx9PtWE9zR5hhE45Lt76EHQwOj7cTwA==
fb-s: unknown
date: Fri, 26 Aug 2022 09:25:06 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 67ms
27ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 513ms
470ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4104596178045129&correlator=254001837260971&eid=31068457%2C31069154&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fifs&iu_parts=1093101%2Cex_hp_300x250%2Cex_hp_btf_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x250&ifi=1&adks=1276300409%2C1030487218&sfv=1-0-38&fsapi=false&eri=1&cust_params=d6%3D6%26d20%3D5%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&sc=1&cookie_enabled=1&abxe=1&dt=1661505906892&lmt=1661505906&dlt=1661505906279&idt=579&adxs=990%2C990&adys=384%2C1283&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flookbook.nu%2Fgluely&frm=20&vis=1&psz=300x250%7C300x250&msz=300x250%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=295022171.1661505907&ga_sid=1661505907&ga_hid=1405834266&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bfe1482f47bf07860834eef43c6866f82dae52bb5c0e4ab54fdf2b8800cfa478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12650
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 362ms
320ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4104596178045129&correlator=4196332817907514&eid=31068457%2C31069154&output=ldjh&gdfp_req=1&vrg=2022082401&ptt=17&impl=fifs&iu_parts=1093101%2Cex_hp_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=3286650984&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=d6%3D6%26d20%3D5%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&sc=1&cookie_enabled=1&abxe=1&dt=1661505906896&lmt=1661505906&dlt=1661505906279&idt=579&adxs=310&adys=384&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flookbook.nu%2Fgluely&frm=20&vis=1&psz=980x0&msz=980x0&fws=0&ohw=0&ga_vid=295022171.1661505907&ga_sid=1661505907&ga_hid=1405834266&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5357ba543c71f2139bea63815e89a1c23422703ec30db40a5a213e4ee044c814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10782
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C33D 6 KB
4 KB 94ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:06 GMT
expires: Sat, 26 Aug 2023 09:25:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 119ms
64ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c76f9f0e3f54033d69ad83503075da0bdb311300e61f08334ab94c3e47f8970f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11063
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 77ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 09:25:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F12 13 KB
5 KB 52ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:08:37 GMT
expires: Sat, 26 Aug 2023 09:08:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5286 783 B
1 KB 68ms
27ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d40e2b8b953f7c7e3cb23e8646c4b8f15a4a94fa354288d9bb31546478eb1e15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fCy0elW4wnzGMyC_ig_Iuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-fCy0elW4wnzGMyC_ig_Iuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
expires: Fri, 26 Aug 2022 09:25:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA94 6 KB
3 KB 59ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
expires: Sat, 26 Aug 2023 09:25:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F12 36 KB
14 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 15:21:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5286 0
0 75ms
50ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082401&jk=4104596178045129&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AEE6 624 B
616 B 106ms
62ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGJO5i8wBMAE&v=APEucNWqdqMdTjSYZhSvER22q2ZJh4j_qRK_uaWSUcfXdPupnyziIYBBKldU8ry8BuPhc5u9vzCgPJ3Mj_rhT5VKSD5uPfNklzjeoHctODHpguIsUcP4De-WkfMIZQphXDeuUh2k9z5pIK5H68y01S9dGvuNijFDoIpHru_RIhvUVHBFb_4CgaU

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
expires: Fri, 26 Aug 2022 09:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CA94 15 KB
12 KB 104ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CawTWGyC8rZEoqpIgTt8sh7W7vePV_kTM-6LVnlMIQeJlp7zNPpQ0V8mNQ3-1WKv4WsS721W05aUU0EHAYIL5ydqXlwDAzC4pSUqtEQuiATNuAM3p7y-tQRV_0V9IR9A-gdAinp6PAEfTu_qtrwIM9JL-AAg&cry=1&dbm_d=AKAmf-DrsOTPNGEy0Fm1KdJp75CbofHYtUIOkFh_5AR6VJJBjK29wr7erjwY-3JKKS_zvWpz_rbJIijNhyRsqFzdUPhdn_yenSQ544McdVdJfGkC7EhQhT-1j0_9OzjIIavVrnz-TREiBltFw_YT7veumU9u1MzeX8fkkmqV5T9K3FumbZW0uoqelD5STvwCJpxFHPNdMdwWx0Ng_U-S2pPysOQdrCXY53iD4vJzovjpwvi0ik0nymwS4BChNEjBeZWhBZNBGb2eIc2hdMCX1CFC29q_Q8T7BLTU8VWDA9Q5ZKpLF5JS9VBeXuTNlHpaNs-zfPW9JVGHKw6L8VUahnDmCfPP6CFolpB93lv9AeoBAQVplkBeYPBMy70PLDc8vsgXhd5Ei354pBh9JkwNX2S7VpR3uQGvH5IHIjle5CxdCIfG__jE7An06Tzrb3cYIzrfnDd6wk6tRPDoscSA56JSejYlRlmsdvhx521qDLY_NPkGha-O1PeM01Wy6eFRyyz6x0sr5kc4GZErJw8YCb0C5NjIm1-ZpDIx9TJ96dUOAQgILAGAQ0jIhI8w_omvK8Z7UkOAuC3Iiu6-ARQarItxKBx9qthwlSKJiWk6sPqCxAaOeT7dOQ-ajJnq0TNGjzLOplxGRnE2mzIhmzUqNQfww3FOXvzzbOPA5rJEaHC5MsewA5q160gUQXTay9FXnCf9iDINowxXCe6X_-hsi2vstYSQzWxvi0hiH8dxXfmlrj7JHWqxNytWOTf3SznCgm71cAnPQa7IJc7SrZ63mMxLHpVZrnz-TQaN0xQBawGfmF06DaRVZlcEVkYUy43J9_obvytgZwxiXZEG0w6OpMqQYiookLeJ5GnjLbQqG9cpB0qX2wbGXdrw0ZI0sT530dtYNeqTfIQVWr5vbftmmzXFlvnHpcrmFeAAaHzyLFcseviw8lzzOqVCKtngsrAFJnLaEBp9EMyJHh7T2PZQ210GCpLh2Ed6dlhrsNyBuVglfsPvxZltEJdBIiYPCDyVRU5fFL4Rqg2wP5vkeduSSw1qmuuBvi2WxcVCTl248ymd5QcPwjvSsiXTnzENQWzrYNigthXEdKFXyq139zF1Iu1dnFlV49g1VxGGTRSNaBWN-cC3wVzPLFVBCk8NnREhq9H5HxaA2BH4sFaTJm4ACmaogclQyrGdv_lj2BKb3l9rJRqd4sELmU3XaNl5uSLUvUq92ohj36ZvvyWdtbAuUzjlPZko5mpUBqikJcKWItmC3fXbHOQ3UiEe9S6BGDaht2xplj7n-xEUbHAAX_nqOaTHm6-hJsH0RoEvREiJrP7IkV4Rcj5rYb7njhKFOH9nRzfbjDFvRBApGbGg9_ao2bKp6q_ea83XbWsbVpK3taGtGN0VlMlLMHk03W0e2oNWFFYZlfirmVPdjJI6EUjUTYqw3WZpslsJAOlbRMnZCJgqmPTy8uG5xV9efBIc-S208vEKsLaHBK9FXrwHJ_y1fux2C9aZVkpmNI7b_Q_loVV7dozGXb0QFE2rfhcNOMhwiwI0CaE1llx2oJG647KrabpYdfx9zLJn2vOAxex5emBiQH5_ReUsbyr9EGByefJgpMeeOZgV91Kj44aIUI0Tg04OpJgeSQbvobWtpIxPuDqOeTlGKPiD1c8P5NbpJIZdLyiNPsIf_WDYQ-dmLUf4QT7_UfprAUll53nUC4LS5BrREgcWkZ-X_e1gnGxMKlh8_HiwtVrKP8Xhxix8lFE691yVMcANcBsGTb5vpI8UfRLfsTD3DLhfJaJShSTaqccMYYhxD9s-9KQI-1ayiwoCUNPf22tdwnUeza2lrc4P0H0mqSEoPcOA0-EhabjfXKNx-CvNxim06F4WgyDQBcjqj_t-5RGSIhHLR9UVYyl7g8ReBd8IHBRVB-PRAJ3lUwO3QkrWjuE6MMsmeLpWBMxEbffD5_TEIRkR9Hf0MPFz7cYtfgl9BsvWGUn7eLerhBolcolWv6HBxfereFMy27SEfLsgGcwNg5mcAc4HX8BCFfn9YLP6UTuLFTf3sNtd72jklZLqFXKb5d944ag2Chmd7Bc0S0awwDWA4TeTc5Y_bp4lZ1E-J09oYMDSwyrt3ElIESHahDhpvHv1Rn03wgO-l4hMfmO3ebF3nSKlaNMiGTSXj5i2t48v05bNIMfWsjcaaGdF2c-8yhug-rN-I_Z_Vm8FBXRGdrLy7E3EwBui1N76hlh2C3cphaSEVkpWIx40-7-f58-670zYTTyPEuzz2lnmkq66Fo4zpAfqdGK58yYSV-NKjN9xbnW0teOUDONMfgCbKZDhpfl6npfppoGC68fIS6r91Gx23-JlA00BCCaKyG9hvOAKiqWK1p3VwMQQ6-zScLSYK4F9QRvZdWKXGG_Hmymt1S_py1iWV3iX8JIgRqx1cDwcBnI3IBbWvckS6FiApylQpIcYjhdHzXnJsLd5Ox3XCBJe_gg0XZgEAHwYVFuHaAriQQXQyW3XcABOnrVFJIAuAX3wIYPI2EeoKmZMK5xAO2h1XmPh5pZ4L-f2eLZmhz3mQVAhlAGjioZ9N3jJsT5MrLImf0mm1bvntJh_8GCmSoINFW2n5gAFjs4ZCINQe5ciOMzTeGbZfDnjuCXJVJF6bOAq_eM8q95FZz-pP6A4QlPufA3_8N16M5ePeWoWiW4GUQIyPc14TlC-a2oRfenp6pv1Ig5MU2RLBVnMDxexUqxbnBGH1diE3QUrnxiCMe8zNxvhnVoP2rwfJ9eFE8fcdtYKBu869j8DB9u7tA_NaVYy9SqLXrrADgH5j3Cbna1xsmOgTmfF9oStyiciI5DXvUsQR0TagOd7adQ6TiQXlo0AlgsgrClP41j1tKiz85CU2sFE8EeKfK7IHyIXNRfdUiwhdNKUeijRutC20hFTMzBH0WOLv4JCfqI4G3LqERqNWBGxC7GzQ16FQyObcCxzCUHV9rOLFzmJulNzEUrKl1qEwEjM9BMPK0tUn7ggTtfHbWJX3zqA5AmLsA8kNOlEGWQkm7F813sY_ipNjjv5y034ykHfv5LDVq95tCxlmqwbLk8fhORLerlGC6iZ1w7S0E1PbJryVz0YfcHth9hXNncFwjmu7xTv7_YUvzgnooPV89z95LnBv2uRisflspdEMhihxrbeJPs4QLYM94qQnGnrPw&cid=CAASKORoe_xYiN7j4G8Qm4s8odbAar6LrD4ycXdksIjR55o0wNNQCCzDsow&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03014c182047b9c76b26a98e3740d9f4f066bcc1a8fd5fb66f1aade56f6077d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA94 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZbCQNzwkAy1z1OeoNxT3hlB9Od7nINu_YqSGmGtgHphNuTM0rcoOZcs8CmALKxM2-X_FMnYq2vvR76aqnozEXqGIVQLB7mirxid4VQeSm1BGKUMU

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame CA94 2 KB
1 KB 100ms
27ms Script
application/javascript 2a02:26f0:3500:583::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6566001&sid=18330&dvregion=0&unit=728x90
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:583::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 09:25:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame CA94 3 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/window_focus_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:21:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame CA94 17 KB
7 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:23:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CA94 0
0 64ms
24ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-P9ipplgvghBY1r32IHm6ou9wM1vgCE9V67PEjQngkjpWQW3CMgI315GkK9SUNv_TC7h7yEFV5fflvnE5GTJyQ2BEeg
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA94 140 KB
43 KB 80ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 09:25:07 GMT

GET
H3 200 container.html Show response
c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D9ED 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
expires: Sat, 26 Aug 2023 09:25:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9850 6 KB
3 KB 32ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082401.js?cb=31069154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
expires: Sat, 26 Aug 2023 09:25:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CA94 41 KB
15 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CawTWGyC8rZEoqpIgTt8sh7W7vePV_kTM-6LVnlMIQeJlp7zNPpQ0V8mNQ3-1WKv4WsS721W05aUU0EHAYIL5ydqXlwDAzC4pSUqtEQuiATNuAM3p7y-tQRV_0V9IR9A-gdAinp6PAEfTu_qtrwIM9JL-AAg&cry=1&dbm_d=AKAmf-DrsOTPNGEy0Fm1KdJp75CbofHYtUIOkFh_5AR6VJJBjK29wr7erjwY-3JKKS_zvWpz_rbJIijNhyRsqFzdUPhdn_yenSQ544McdVdJfGkC7EhQhT-1j0_9OzjIIavVrnz-TREiBltFw_YT7veumU9u1MzeX8fkkmqV5T9K3FumbZW0uoqelD5STvwCJpxFHPNdMdwWx0Ng_U-S2pPysOQdrCXY53iD4vJzovjpwvi0ik0nymwS4BChNEjBeZWhBZNBGb2eIc2hdMCX1CFC29q_Q8T7BLTU8VWDA9Q5ZKpLF5JS9VBeXuTNlHpaNs-zfPW9JVGHKw6L8VUahnDmCfPP6CFolpB93lv9AeoBAQVplkBeYPBMy70PLDc8vsgXhd5Ei354pBh9JkwNX2S7VpR3uQGvH5IHIjle5CxdCIfG__jE7An06Tzrb3cYIzrfnDd6wk6tRPDoscSA56JSejYlRlmsdvhx521qDLY_NPkGha-O1PeM01Wy6eFRyyz6x0sr5kc4GZErJw8YCb0C5NjIm1-ZpDIx9TJ96dUOAQgILAGAQ0jIhI8w_omvK8Z7UkOAuC3Iiu6-ARQarItxKBx9qthwlSKJiWk6sPqCxAaOeT7dOQ-ajJnq0TNGjzLOplxGRnE2mzIhmzUqNQfww3FOXvzzbOPA5rJEaHC5MsewA5q160gUQXTay9FXnCf9iDINowxXCe6X_-hsi2vstYSQzWxvi0hiH8dxXfmlrj7JHWqxNytWOTf3SznCgm71cAnPQa7IJc7SrZ63mMxLHpVZrnz-TQaN0xQBawGfmF06DaRVZlcEVkYUy43J9_obvytgZwxiXZEG0w6OpMqQYiookLeJ5GnjLbQqG9cpB0qX2wbGXdrw0ZI0sT530dtYNeqTfIQVWr5vbftmmzXFlvnHpcrmFeAAaHzyLFcseviw8lzzOqVCKtngsrAFJnLaEBp9EMyJHh7T2PZQ210GCpLh2Ed6dlhrsNyBuVglfsPvxZltEJdBIiYPCDyVRU5fFL4Rqg2wP5vkeduSSw1qmuuBvi2WxcVCTl248ymd5QcPwjvSsiXTnzENQWzrYNigthXEdKFXyq139zF1Iu1dnFlV49g1VxGGTRSNaBWN-cC3wVzPLFVBCk8NnREhq9H5HxaA2BH4sFaTJm4ACmaogclQyrGdv_lj2BKb3l9rJRqd4sELmU3XaNl5uSLUvUq92ohj36ZvvyWdtbAuUzjlPZko5mpUBqikJcKWItmC3fXbHOQ3UiEe9S6BGDaht2xplj7n-xEUbHAAX_nqOaTHm6-hJsH0RoEvREiJrP7IkV4Rcj5rYb7njhKFOH9nRzfbjDFvRBApGbGg9_ao2bKp6q_ea83XbWsbVpK3taGtGN0VlMlLMHk03W0e2oNWFFYZlfirmVPdjJI6EUjUTYqw3WZpslsJAOlbRMnZCJgqmPTy8uG5xV9efBIc-S208vEKsLaHBK9FXrwHJ_y1fux2C9aZVkpmNI7b_Q_loVV7dozGXb0QFE2rfhcNOMhwiwI0CaE1llx2oJG647KrabpYdfx9zLJn2vOAxex5emBiQH5_ReUsbyr9EGByefJgpMeeOZgV91Kj44aIUI0Tg04OpJgeSQbvobWtpIxPuDqOeTlGKPiD1c8P5NbpJIZdLyiNPsIf_WDYQ-dmLUf4QT7_UfprAUll53nUC4LS5BrREgcWkZ-X_e1gnGxMKlh8_HiwtVrKP8Xhxix8lFE691yVMcANcBsGTb5vpI8UfRLfsTD3DLhfJaJShSTaqccMYYhxD9s-9KQI-1ayiwoCUNPf22tdwnUeza2lrc4P0H0mqSEoPcOA0-EhabjfXKNx-CvNxim06F4WgyDQBcjqj_t-5RGSIhHLR9UVYyl7g8ReBd8IHBRVB-PRAJ3lUwO3QkrWjuE6MMsmeLpWBMxEbffD5_TEIRkR9Hf0MPFz7cYtfgl9BsvWGUn7eLerhBolcolWv6HBxfereFMy27SEfLsgGcwNg5mcAc4HX8BCFfn9YLP6UTuLFTf3sNtd72jklZLqFXKb5d944ag2Chmd7Bc0S0awwDWA4TeTc5Y_bp4lZ1E-J09oYMDSwyrt3ElIESHahDhpvHv1Rn03wgO-l4hMfmO3ebF3nSKlaNMiGTSXj5i2t48v05bNIMfWsjcaaGdF2c-8yhug-rN-I_Z_Vm8FBXRGdrLy7E3EwBui1N76hlh2C3cphaSEVkpWIx40-7-f58-670zYTTyPEuzz2lnmkq66Fo4zpAfqdGK58yYSV-NKjN9xbnW0teOUDONMfgCbKZDhpfl6npfppoGC68fIS6r91Gx23-JlA00BCCaKyG9hvOAKiqWK1p3VwMQQ6-zScLSYK4F9QRvZdWKXGG_Hmymt1S_py1iWV3iX8JIgRqx1cDwcBnI3IBbWvckS6FiApylQpIcYjhdHzXnJsLd5Ox3XCBJe_gg0XZgEAHwYVFuHaAriQQXQyW3XcABOnrVFJIAuAX3wIYPI2EeoKmZMK5xAO2h1XmPh5pZ4L-f2eLZmhz3mQVAhlAGjioZ9N3jJsT5MrLImf0mm1bvntJh_8GCmSoINFW2n5gAFjs4ZCINQe5ciOMzTeGbZfDnjuCXJVJF6bOAq_eM8q95FZz-pP6A4QlPufA3_8N16M5ePeWoWiW4GUQIyPc14TlC-a2oRfenp6pv1Ig5MU2RLBVnMDxexUqxbnBGH1diE3QUrnxiCMe8zNxvhnVoP2rwfJ9eFE8fcdtYKBu869j8DB9u7tA_NaVYy9SqLXrrADgH5j3Cbna1xsmOgTmfF9oStyiciI5DXvUsQR0TagOd7adQ6TiQXlo0AlgsgrClP41j1tKiz85CU2sFE8EeKfK7IHyIXNRfdUiwhdNKUeijRutC20hFTMzBH0WOLv4JCfqI4G3LqERqNWBGxC7GzQ16FQyObcCxzCUHV9rOLFzmJulNzEUrKl1qEwEjM9BMPK0tUn7ggTtfHbWJX3zqA5AmLsA8kNOlEGWQkm7F813sY_ipNjjv5y034ykHfv5LDVq95tCxlmqwbLk8fhORLerlGC6iZ1w7S0E1PbJryVz0YfcHth9hXNncFwjmu7xTv7_YUvzgnooPV89z95LnBv2uRisflspdEMhihxrbeJPs4QLYM94qQnGnrPw&cid=CAASKORoe_xYiN7j4G8Qm4s8odbAar6LrD4ycXdksIjR55o0wNNQCCzDsow&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AEE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1&C=1

43 B
941 B

50ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGJO5i8wBMAE&v=APEucNWqdqMdTjSYZhSvER22q2ZJh4j_qRK_uaWSUcfXdPupnyziIYBBKldU8ry8BuPhc5u9vzCgPJ3Mj_rhT5VKSD5uPfNklzjeoHctODHpguIsUcP4De-WkfMIZQphXDeuUh2k9z5pIK5H68y01S9dGvuNijFDoIpHru_RIhvUVHBFb_4CgaU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740b84b2ac246921-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxEDKz4x2fQlLX0Ww1TKBPB9GhBKhOyb23PG94RYX2zawZZBQfbYv1IQgtDpU6539cPvAKpSUhd6l%2FNlfW7cVWhBGIPNswDEhPGIJisdkXLWJRcHsVGeILlUZoG5KWqAi4qdLnb0VWKs8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlyysejGnk4ujt7Jtawic8lXbYvuQnB0IO5KvktD4r0XiExBoZIDglKlNRTWeVqcS4K6hwiw9YLBdHf2tFX%2BZSqwFB5qcPqrGRoer9Jy%2BBP89ZjfV98Whawd1TqH42UFqyTlvmxRrfSCsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1&C=1
cache-control: no-cache
cf-ray: 740b84b25897bbf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AEE6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwiRcxGkxK0Mt-aBjGaxSQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1

43 B
913 B

38ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGJO5i8wBMAE&v=APEucNWqdqMdTjSYZhSvER22q2ZJh4j_qRK_uaWSUcfXdPupnyziIYBBKldU8ry8BuPhc5u9vzCgPJ3Mj_rhT5VKSD5uPfNklzjeoHctODHpguIsUcP4De-WkfMIZQphXDeuUh2k9z5pIK5H68y01S9dGvuNijFDoIpHru_RIhvUVHBFb_4CgaU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740b84b34cec6921-FRA
pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7kp7eU0HrqIJ5Xy732ebSSCQ%2FH8LUOOtynHer2xbpkF3nZP2NreC1uDYPe80vu1hdsMAXlU%2BxPQ2mSjS2ZTNC4cY4cdTG1M99%2BXBnFzXgeyiXCdGD5RG%2BwCQD8CJBlMwmiu%2Fz2N7W%2FwcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgxG18vvoq2wWuXjQQ_ANc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame AEE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECRShO-e44RznVZmUQIY_TU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRShO-e44RznVZmUQIY_TU%26google_cver%3D1

43 B
1 KB

39ms
30ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRShO-e44RznVZmUQIY_TU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGJO5i8wBMAE&v=APEucNWqdqMdTjSYZhSvER22q2ZJh4j_qRK_uaWSUcfXdPupnyziIYBBKldU8ry8BuPhc5u9vzCgPJ3Mj_rhT5VKSD5uPfNklzjeoHctODHpguIsUcP4De-WkfMIZQphXDeuUh2k9z5pIK5H68y01S9dGvuNijFDoIpHru_RIhvUVHBFb_4CgaU

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7ca30dfd-b2eb-4ecd-a3d2-8918291d0d4c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 73273559-6cf8-4397-a956-3f8faeab71c7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRShO-e44RznVZmUQIY_TU%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEE6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MzU2MDM3NzcyMjgyMTkzOQ%3D%3D

170 B
188 B

62ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MzU2MDM3NzcyMjgyMTkzOQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 891c051f-740e-4d35-803b-ac98b406ffe7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc0MzU2MDM3NzcyMjgyMTkzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame CA94 55 KB
18 KB 26ms
24ms Script
application/javascript 2a02:26f0:3500:583::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6566001&sid=18330&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:583::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 09:25:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F12 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nPjlhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 041F 640 B
316 B 86ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D9ED 79 KB
33 KB 98ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1SCzXTPaIEFELvrzzz06i0UPDX83hC2w9LmmI-u5Fyl_uRccZZDYnpoZv_t_JL5pxMwEYGtJct-2_v8N3XDMnFKjg3w&cry=1&dbm_d=AKAmf-D47tNeG6LK3hqci6qJk8gfleB2b3T9NwZgTRwrGL7Z0KUhwGb-2ibC2HO_1FKnLuE4gqcBe_7SUtyiYCBFBldpw1QxYDXYC9IxilqGcGgXKcumTippjp3n1ZZxIvloabsmbsi6Jh6RS4A2FLRBkewiYZy6oAWIoeHUrrXkerA9matYdiLKb_mpLVIsRS6QYmyyYa5ssITM_hPf3EqI1PMgowRl15FVSpAXF4fYgCRev3_AJqu3IqhV2f_z876bsA_DDNeSeFCtGbTQc6Ghn97y0PcPMy6eiowbEY2WC0KWHXYKg03Y-5wRZjBQulXB9tP_eeZGZ43HNcHAG-bYEl9M2j4LFkS89dPXmut_QUaydocdJK3pIOVh2zaqoYdK_rBiiF50KCqp87rnsJESMgRVnK7nN0XhR3IEBG5TsOmd9XgVStkQVlhm0ji_wdSDklKt-ArMPoaRG1jZsPyL58H40QRfp42IWuGZJLmA1CdO2msXq15RS1WI37NBmfYBvS3OgRdLoevb2lp6toa41jHwH1XlOfHp0FBdMruNgMYDkYql2f8Wi6dmif117PTinD15wznRuPZQNlZHU80g7Q9HwxBUP7Lcw6zarPsoHqUailDxsy-ttCOnjHqxtTtXn1e9twv-poiuwtnAD0j2hTloCO1SEI2uFi5Lmy66SuvGgNSJKOnaIsxizYXqxFPsF14RuX5myjTduCd3pBER4dvbbNte-vAAdlCPyDsBUkjycPJoG_C1iaDzcWJrr73w5K9hqZ531KXugAn8dRQA7rStSjTWskrXPwRL5xXn1zf792dW3ibY7bkoxyWNa48lBjJLCFQ67gHytNp1FE_1_U4plVQPS8ZIDpwNsF4kUFaK5IdbswB171oRXFfa32GbD6638bwwD4NQrcQI7Pkj5xWDNbncOVN7Z_yLoOBrv6t9d-RwERrUDaQelyJuq51ZtoiY7iTeqxrp2zMOq0yDrQKKi9y_TjU6hqTWWzQX1bgFn9HehDGvS-l95JbquuG7_dPyZOZ2f-GZzfpLcWoc5XLuVqzQ37dXtW7LGg-nVH_3oLddHHS2ObOthC0YqDnzceFG_40oL-MLHDzVLWPnKd8Fy91h89a73MRxoSMGyDbEquYGgn0sPGAvdcHogfxYvK9Fsa5ibqu0ChxZ5FcDYvmII5Pf1ZpuPP95d5sszkObdvP_erVrN4E4PXTHAj0qakE-grmTZdzFjC8czgJD0e99O5lKMWFDg9n8ffjdljyxcgHm-dBBj1npEewyn6GEDGdsbV0WkUJg7BT256qrHGjLOPsu9qGolW8DFGniXMxiNqvgkLg99J9TpBtNBEqKO3RWkDBC6AA4IfVoaCYL_sJ7ZSD8W6LVyZkua2f4iulOBtHHJiXsaTb6CLpx4LAwasIpJWgWC_k1kuIf14-PW7yZeyHaMtOGkgI-lLdJuqqEUYk-jWVWAxPt49F2-nnCfNypNegIkoyOznkBM_LBivz92qDg3UyJRIknUeou7Att6bp6B1rccYgzM1aRNZv9JyPS0JoSNwrSXTw2f_DK-A-nczOyKuTTUKwoIpqzIhnKyAztqfnfysztnlRqyXkVS058D23DW4xHR24UPdvx9Gt4cb8XyzM0-E79-fWH8oaEqOSpTKGrxQ7WU6XHWxGGdJuSXwy7dRQYa9bBFCrb0ApuQj2eVKnFxM892EWI9wK7BXRnXNTEVYYoca2cCz03sYdHmpT7BJR--C_n1G1c_LqQVRxncfDSi-_MbuftKmOzt5ThYbH2Sjr1Aui1TJpjZFewUeQpampImChiRuo826XzPXE0Td1M3_DdcPvubdZkmlUJrfSXqMc7Runt0uJnrDFXOAz39wQigpBfGpZUvQQlY5gJ6MMhkjTfm32CVWFvfeMCqzFl2_B_Qm-5VdUoFQlZofhyxz5ExEqt5TEk6yFrP0VgUdr8S4_Azmus3VuDu6T9_iw57pu74zM0zwz708c6pSjsER-SQD1XQzaXIAoaeGDQ3YdCeKL7F_RUa6VaOQs5grMIUtM3UQLh621fmKczvwio3skSUpcfT6c-u1v7Pf6Ybqb9VA_ic_N43Uhyvgo1lWZIXjFu8Ir85vczf-15p1vzhGkhcfhnPlpiDdatUHz7ruPWFcKsxAGocVTKovWBqfvk3gfvWgHYHDQ74W3yCzOH22BQ3H_RKiV42ZJ7vNjfmjnL43ckrTbpnJy0mEkE3AO2BZM98oXLkiFWJ-5y-HBr782tvMNWw21rzlXvfCSe9J7dLHe6paxvHvQ5a-eIHUGY1zK0_JhJ-wvQBhPKken7K10bUQUx_V-eBRaEex2e7O7oAunhIf3Jm3b77NV0gpxWlJ2M9Z8rx_H966l77HTJ97h_kulD5Yta7Bm1iDgLlgmavW93n58ySMV-G2fgT3aypuUK6XpY2_2AYlzKOdobiSiSic48tvdpuPtkVWsCtrhxuN8JXZ3tJxbYPM0E7Cc2E2r0jzwFU5rh3lEoUYU9frhvTuqD5WRzkGYGXzoU_Jahgtc6FL0OWeCY5h1m7x0NoPLvLZmO4BJbur8eQxvWFJOQ7svrUZeOxdY7KUkXIYBNYU6AjU3Wr4LgP4nLiB0ayENHc4qhZZOjxryVstoplFxdn20fcsjZdMdQP4u8l3JzxWB_MAm2WECwvAlLlN2SSJCC2pXaYsMN4h6LuMEhm-tN5G2yq1RjNoZ0YwJUqUqLmu1YvgcVRR6Pnk5md4LGigyAOS_q_1qxoWc5Zsvzbs6DuZsDxO7S6wJ29IJUSfYyG3T-9T0h4EcjxMDrGQAa54skVn-l5DdNXU7-qfcW6Oi8mpvY7i-aKCXTOaCxhWRmvSrIsoiiAeM68dCMspgUxVTPKlnOqskHyux2KGR2Gc65nH7GzzBjVmcYA-WrBCatn1feWrpVI62UqEjiahrK2FkprDnxSmIbPmDr54SdhS5VZ9bXTe77HnfGRR2g8LXX1Zor2Mv0RRBNa17WCccvEJF0Xmip7Cwcmwkkp4SmUDt01TLyWdBH1HHVH8MyN16IPYYxQvtRsvbUxs-sEDhoM7AIBecEzCf4JveTMRXUzxqkhfzA_nnZM142aslYJx5dXW4ZBzII_BS1M9AoZkvnvDXisuIQHwI2h8AcIfLrQePGKa77qkTLo0VREoYmFQ&cid=CAASKORoFA5K6JCJXEZJfameLe82SGqJvGG6m2hyK3DGdpuoNzQcmM1QmeQ&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c243aee6a5743606b58c6a3bfbda9e69c34c391e6aff946fcf1f3e385513fefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33944
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9ED 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dy1eGh7-uGQLSy_LCfoWy_esjsEKJwQ3i05OIO-4f689fNnICkgNd7SprmiA2MSfx8zs9FFnFm0YlGSThnrsEieb3B_BeLdDt7-QfvQhZhE9d_Aio

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame D9ED 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/window_focus_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:21:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9ED 140 KB
43 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 09:25:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame D9ED 17 KB
7 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:23:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D9ED 0
0 28ms
26ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdKzrWmcKl_bPdmDMQOLWEHCsX1LmpMY5tNIYnH2AnJrWCZGayWF5V2KESzIbHNjcLohkPefkldieGuqj17vrRlI1paQ
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DCD6 640 B
316 B 81ms
52ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9850 27 KB
16 KB 83ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CB63togUhHBoeBtHExYPWzZ8-BOomYKD3UDlgb9ArhM-wbITH_N3QvXQxl1_vAjos6eJ8HKA0NovvtM-jA3dwnQlv9pyDMyTDDIXM2kVH15FKqzVDar0V37SO0UTOTaALAKdI0Xkl2OFUciwDUv3kB4kv9gw&cry=1&dbm_d=AKAmf-BcwjYUcEOFd8daFislZnfA4Ob-CMVY9LMpw_B8Ljmm4L7PXRyTNzXo_K6A5Ay_GWXgpAREyLu4OjP9dR3xD_yI46o8UTrah9Ja8GG9bU5gwAjiF0SMa6pZii8YJGDSh5ska5kaQ6SwpUZRjA8Z9b3daqkZ-j_8lSkKNw6ckoBHabWg_f9y8GN9nGhFZANjkyYHE7NI_DsEdcu-puZ0mJc4MlTJeYvIViYPVydbSlODIo6ZjlzUa94hn_-8DCQ0aE5r12-dVuPPpGioRWEUMHC5KhEXj973HJ1y9cUqlDut1zAD7t-f93V0l8t2qf8KNdTPught6YfJWRHBGItwe7Zo2Lb_EkvApqOdyCmYI1gmx5JfJr-qNJhhkCJEH5fqtrtdW35dLl68WbOIiRSuzgQnYbDwNMKlP982-OF7gzs7bZGn6dyiq6fDKPAaU_e534UsjZcza5pb8p_ai3mWzCJtJwVeWy-YeRGZOMOFgvlqnIMko5fBoDkFXimVIFu5Tm-fRMHF8tIAwQWGyHfKWhbfoUC76yHpHNpGc4VmuuWQo8hrwt5egyYWtj-Ucz42V_rQF6nYij8cn4xNdAA1FvP5SZ9VEcQziU9sbN89zDJRblkU2AJF-JL-Mpk9Hpvltri5fwB94_h7uLYLvwKR1MygSNOWS21y5ddG55H6o-tpRknX8WEFkb7e6TONMbPKkFNnwykQWiJVBvzmvZJ0TMd6s9E6NN4WKYKAHulWYzQlp-uy9edgPZ5hB4HMCsCV_A7fL7XmvOAwn03Vbiqj9iYxzTxpq_GFDkt8V1kchxDdqzzMIBt0tvcphzrwF9pxG0Tlynjnq2rwauryN04_ZLCbtoN_CQprEDtrELQg9hFmVelx67YOhUlYJtmtMqWCS0b4-8n1BMTpiuWZ36Pj0Zu3nu0MbArtdnAyGynSib8hlO74l6LOpk4tSD0MjRdCjng7_3g4s6DkoaRMFg44AeQ0DNRBIydwmx6uWL5EQms0VbkpPjFq_4ORxMMjCv1p70ojhC4syOovqo4Sk_y2fal9PUk6a3iPS-Tc2gL0B50P8fWLEfGYfm-NiXjXnbmLVwqqzCyO0NEYHVMae3TuH18Yr_EgfcI2wmdC0y-FAWEQlznIduB30e98xIFRTrfPHaGzI5cMGwIAFzIUBwEEtLrYYqQse1pG5kQWFdoZ2A_BS37MlMfWDooY2dsFe-Rw7IglKNaYFvI7l2y4mjdAHcpIWx-aelKJjV7pNnsgzKmhG5rolgiVLLwRLJ2tw6ahm9NZkeO6JUJJbozbS8hPF7mxId7s_WF-SEHY2I2Rg3jzYfCSJ-3JsPmD1uZM6mBAdU7wdmfwewpWfaZCJ766_v-bfeuAOtyuloSKOFbX8buSnQI9fAOLUGaVezYgMDdqlAAhW-4yrcF8HUwJyUkc-EVeGHax_2XN7gL98HXoCOQU1P_6sFXfz0mDCe0LIa-Hoqj1mbOQ_O3vixh1qq7bDY1sj8YnTQyMAeh4NOdyEBH8YyHzoL80XLaQy_3laLOM81EFLZU8x_-Qf2bro4lo9Vh_MNXQfKrk5IbKn_VMng_HfxkTqxQvbyQvJ4ZF_3-_HI81SseeJizUGeN3KC880iGqftZO5ybaEQqXXnZqE8jrE8_xyT8ao49UnjivIDom6-j9L9jiS86pLeUhhR2PxFASAuS1cOQrggvIW3uWCuJlwg3iXmgQyTcQfiHhHM0EKNuexJGQRyTwCJHS4JPETRfjr7AEZw6B7qEdB7Unl-JmPeh09leEDpjHHnLGUK_p_FM_UbSRQPiMVs3SQQ85zK-qlY9BAM1KzUYb-ldaxog6TdSwKakkvtJmuwp1WBU4bu8Eyy1bkAG_WacFf85IEP38m10oz01Y1NF2Yke-6mpGRmr26pkjR4ewH6UOv9Q9fWKOS1Ps20dEccZoiQkjX4S79AUkk2UskvuG2DsJYthsfrymNw0SOMGs6h5ddH9-b3iWwbCm5IwkXc_OUFDpJlTqVh-_R7eHR1NWiJqiql2mCLmkJlMlBanajddqGuZF79x-OClRe0vA7nnQuqh8-cre-FLepT0W4pcNqHZy3SPKxoi-4YpV4SrFwsyvNGytVsJ2AHZ_AuP565xAyDgZzvQOUPqBthXbI0czt1OsGamrl6s2lDo6ucHiVXKfmjCxqAoUWrD-OjY91CKOgaKmGMJz501ON_TOENq-mbR3MMb1XdxwCORDi2vgOimT-1OCD8MJi3osxoxm01F3CcOdWLpZ-N8RVUsiN6PtWFkagKkEvHqzZW-ZCKIGzYLJJz1ypbdEZ-UYG0OzX8JXIjBIIAswlGNLKMry_c3HYRiPHBmD23HyeiM6BLNuDMMRQprjuezY7a6r5DMj4LzSw3sge2VXlEDgPkVaXeiAsu2ejQSA7oIGIrbACRvJwTNsOyFGgfq-heIWuI03izrcKObzYHhKRVNCZh_iaDSLHFsPu52B5xRRLRLxcu9EdYE87MtR3PUNijilMy8MWBVRSw46pjK3fyDfBOaqLQUlyLIhfPEbPxwHorB9F6lo7SNkSbgYRmUHv9hrF60XbQS3uZ-xcZ1mgrxsuMEl0A_J76WNwi0Kgie3Tv3g3-4RPbOGxP74gbCkEia7JMqNXmoKPk-ilUsEI3YpSfPIiyqfd-cLyo7Rlb9jVzOIPB6SpAqwdWnUtVuYFYbmnrYvHgatiC0XkIdlQoOLg6vvFL4kf7nYjnIVcxgOQNSjevx3yPmedHQhS7tWQRNVkCC1M4n4ttM2VRISMOZjD73c4DYSkOX_oTaFaNWbjg0Dzi8mLgO39tbL7P7QGRstOuQDVfm3fdJEqUBOcuEFal0b4dqxZ2i9_YR9dqmJXOTZ0uIEC9mJgOf8J_Ac_9ue1wVoVio1cDGJ5J-Se2AI2s8PyMcT_ZHlJyAbzBmNN4T2N6q7nIlyzssCOnboYpaI8SjpYZAvPu7CDghVjprom3dE4hXStKCXGkjOunRfCpAmobduePC0L0gNDNx_oNLYvJCeR4oeDrTDCeNuZRUXkxPjKhZeL4OGmRD-AHHpdXXAVNSHrCsE9i8cKcarWq98JYMRXv8FyJ6KztRlKeupoHfH8Kmpp29l3m9QJYdVd6FS3O7MVhkT4HuZPF5GRxgSFBNbo1I03_rwyOoiHoqhuI7efI_Zn7bHTxo1N3S3x9D4NjZCSCcbjK_7_Imy99DiMcA6vnYmF5CO15SmTJHWobPYOWZmIO0l4klwXJPAA1c4fa2Wmt0r3AEvJHKPsmO0&cid=CAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39dc63cb240d08c5d562a3e3e79971b21c51bf5814e00cf1fc0aaef4d267e999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16556
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9850 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3HvI9BhduD-0S63BSWcR9Nfx7LxrtxiiSEjdrcQznc8OaUhykHgj3AXbRMTF-rJ_WZRAeaRSGps7p5xqrw18CbOAwcEpYd0iO1rO7qNsx1cr-vP4

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame 9850 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/window_focus_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:21:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9850 140 KB
43 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 09:25:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/ Frame 9850 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220824/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:23:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9850 0
0 25ms
24ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjXZ9BsMLNi-ysQq20Ff0J0nJCeKPaRmM1Rn5mYv2_56Up4KHCmZnJO1OENhXoTEjTU_YG_vElg91pqULl8eTjv3uyVw
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame CA94 9 KB
5 KB 228ms
31ms Script
text/javascript 213.254.244.107
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_211477715301&jsTagObjCallback=__tagObject_callback_211477715301&num=6&ctx=15911784&cmp=184716&plc=6566001&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=211477715301&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=104&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau%3D%40%40%3C3%40%40%3C%5D%3FFTauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3D%40%40%3C3%40%40%3C%5D%3FFTar9EEADTbpTauTau4dd37b%60d664_6ae%6024ff26g357%60_c4cd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3D%40%40%3C3%40%40%3C%5D%3FFTau8%3DF6%3DJ&dvp_exetime=5.20&callbackName=__verify_callback_211477715301
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.107 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 48d53d03fec0180fb30303f1cc3b878e5e21fc235f6c4d7f02e38d5e8d94060f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 08/25/2022 09:25:07

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 87DD 22 KB
8 KB 17ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 87DD 36 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:48:53 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DCD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1

43 B
106 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DCD6 43 B
120 B 69ms
25ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DCD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1

23 B
172 B

185ms
93ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 26 Aug 2022 09:25:07 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DCD6 23 B
172 B 204ms
64ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNV7ib3TM6mARqmZ9NLRI13nlrpURoEGUonW7YH8IVdKI2Coz3cRhQ6B0O1PZsJqzYZBDuKiMnFCZjSQRGHVlEJMC4ECkoOESBDapv-82GCOwvxeg3ynsOYLSAH4S0IZZ6ZQsqH8GUJ2GrlnQuRjrmKcJfu3xZp3WNlPbAJrLwYitp4NPiw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 26 Aug 2022 09:25:07 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 041F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1

43 B
114 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJdv3Yv0aK0nEqo7Q6rZds&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 041F 43 B
304 B 61ms
25ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 041F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1

23 B
172 B

181ms
92ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 26 Aug 2022 09:25:07 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPRRXk-CqJhOQm8f-cEhhoA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 041F 23 B
172 B 211ms
93ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGLbL3NEBMAE&v=APEucNUHaf2CPSAHxRdUosptkU1J2C40NSPiJFaoMZsqaCBWDvBq6cPpHrZlhnupRGoc3Or2_EQweSIbtCOpqdXoDKE-KlP2UmqAD3QAThOWT2-5Ep4DzPvUF8QOO0gweKajiE2vx2FOf-7ZkxT_c76h7DjBB8hJiXmOlpmHvkAKK69Gjh0jGaY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 26 Aug 2022 09:25:07 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 9850 30 KB
12 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CB63togUhHBoeBtHExYPWzZ8-BOomYKD3UDlgb9ArhM-wbITH_N3QvXQxl1_vAjos6eJ8HKA0NovvtM-jA3dwnQlv9pyDMyTDDIXM2kVH15FKqzVDar0V37SO0UTOTaALAKdI0Xkl2OFUciwDUv3kB4kv9gw&cry=1&dbm_d=AKAmf-BcwjYUcEOFd8daFislZnfA4Ob-CMVY9LMpw_B8Ljmm4L7PXRyTNzXo_K6A5Ay_GWXgpAREyLu4OjP9dR3xD_yI46o8UTrah9Ja8GG9bU5gwAjiF0SMa6pZii8YJGDSh5ska5kaQ6SwpUZRjA8Z9b3daqkZ-j_8lSkKNw6ckoBHabWg_f9y8GN9nGhFZANjkyYHE7NI_DsEdcu-puZ0mJc4MlTJeYvIViYPVydbSlODIo6ZjlzUa94hn_-8DCQ0aE5r12-dVuPPpGioRWEUMHC5KhEXj973HJ1y9cUqlDut1zAD7t-f93V0l8t2qf8KNdTPught6YfJWRHBGItwe7Zo2Lb_EkvApqOdyCmYI1gmx5JfJr-qNJhhkCJEH5fqtrtdW35dLl68WbOIiRSuzgQnYbDwNMKlP982-OF7gzs7bZGn6dyiq6fDKPAaU_e534UsjZcza5pb8p_ai3mWzCJtJwVeWy-YeRGZOMOFgvlqnIMko5fBoDkFXimVIFu5Tm-fRMHF8tIAwQWGyHfKWhbfoUC76yHpHNpGc4VmuuWQo8hrwt5egyYWtj-Ucz42V_rQF6nYij8cn4xNdAA1FvP5SZ9VEcQziU9sbN89zDJRblkU2AJF-JL-Mpk9Hpvltri5fwB94_h7uLYLvwKR1MygSNOWS21y5ddG55H6o-tpRknX8WEFkb7e6TONMbPKkFNnwykQWiJVBvzmvZJ0TMd6s9E6NN4WKYKAHulWYzQlp-uy9edgPZ5hB4HMCsCV_A7fL7XmvOAwn03Vbiqj9iYxzTxpq_GFDkt8V1kchxDdqzzMIBt0tvcphzrwF9pxG0Tlynjnq2rwauryN04_ZLCbtoN_CQprEDtrELQg9hFmVelx67YOhUlYJtmtMqWCS0b4-8n1BMTpiuWZ36Pj0Zu3nu0MbArtdnAyGynSib8hlO74l6LOpk4tSD0MjRdCjng7_3g4s6DkoaRMFg44AeQ0DNRBIydwmx6uWL5EQms0VbkpPjFq_4ORxMMjCv1p70ojhC4syOovqo4Sk_y2fal9PUk6a3iPS-Tc2gL0B50P8fWLEfGYfm-NiXjXnbmLVwqqzCyO0NEYHVMae3TuH18Yr_EgfcI2wmdC0y-FAWEQlznIduB30e98xIFRTrfPHaGzI5cMGwIAFzIUBwEEtLrYYqQse1pG5kQWFdoZ2A_BS37MlMfWDooY2dsFe-Rw7IglKNaYFvI7l2y4mjdAHcpIWx-aelKJjV7pNnsgzKmhG5rolgiVLLwRLJ2tw6ahm9NZkeO6JUJJbozbS8hPF7mxId7s_WF-SEHY2I2Rg3jzYfCSJ-3JsPmD1uZM6mBAdU7wdmfwewpWfaZCJ766_v-bfeuAOtyuloSKOFbX8buSnQI9fAOLUGaVezYgMDdqlAAhW-4yrcF8HUwJyUkc-EVeGHax_2XN7gL98HXoCOQU1P_6sFXfz0mDCe0LIa-Hoqj1mbOQ_O3vixh1qq7bDY1sj8YnTQyMAeh4NOdyEBH8YyHzoL80XLaQy_3laLOM81EFLZU8x_-Qf2bro4lo9Vh_MNXQfKrk5IbKn_VMng_HfxkTqxQvbyQvJ4ZF_3-_HI81SseeJizUGeN3KC880iGqftZO5ybaEQqXXnZqE8jrE8_xyT8ao49UnjivIDom6-j9L9jiS86pLeUhhR2PxFASAuS1cOQrggvIW3uWCuJlwg3iXmgQyTcQfiHhHM0EKNuexJGQRyTwCJHS4JPETRfjr7AEZw6B7qEdB7Unl-JmPeh09leEDpjHHnLGUK_p_FM_UbSRQPiMVs3SQQ85zK-qlY9BAM1KzUYb-ldaxog6TdSwKakkvtJmuwp1WBU4bu8Eyy1bkAG_WacFf85IEP38m10oz01Y1NF2Yke-6mpGRmr26pkjR4ewH6UOv9Q9fWKOS1Ps20dEccZoiQkjX4S79AUkk2UskvuG2DsJYthsfrymNw0SOMGs6h5ddH9-b3iWwbCm5IwkXc_OUFDpJlTqVh-_R7eHR1NWiJqiql2mCLmkJlMlBanajddqGuZF79x-OClRe0vA7nnQuqh8-cre-FLepT0W4pcNqHZy3SPKxoi-4YpV4SrFwsyvNGytVsJ2AHZ_AuP565xAyDgZzvQOUPqBthXbI0czt1OsGamrl6s2lDo6ucHiVXKfmjCxqAoUWrD-OjY91CKOgaKmGMJz501ON_TOENq-mbR3MMb1XdxwCORDi2vgOimT-1OCD8MJi3osxoxm01F3CcOdWLpZ-N8RVUsiN6PtWFkagKkEvHqzZW-ZCKIGzYLJJz1ypbdEZ-UYG0OzX8JXIjBIIAswlGNLKMry_c3HYRiPHBmD23HyeiM6BLNuDMMRQprjuezY7a6r5DMj4LzSw3sge2VXlEDgPkVaXeiAsu2ejQSA7oIGIrbACRvJwTNsOyFGgfq-heIWuI03izrcKObzYHhKRVNCZh_iaDSLHFsPu52B5xRRLRLxcu9EdYE87MtR3PUNijilMy8MWBVRSw46pjK3fyDfBOaqLQUlyLIhfPEbPxwHorB9F6lo7SNkSbgYRmUHv9hrF60XbQS3uZ-xcZ1mgrxsuMEl0A_J76WNwi0Kgie3Tv3g3-4RPbOGxP74gbCkEia7JMqNXmoKPk-ilUsEI3YpSfPIiyqfd-cLyo7Rlb9jVzOIPB6SpAqwdWnUtVuYFYbmnrYvHgatiC0XkIdlQoOLg6vvFL4kf7nYjnIVcxgOQNSjevx3yPmedHQhS7tWQRNVkCC1M4n4ttM2VRISMOZjD73c4DYSkOX_oTaFaNWbjg0Dzi8mLgO39tbL7P7QGRstOuQDVfm3fdJEqUBOcuEFal0b4dqxZ2i9_YR9dqmJXOTZ0uIEC9mJgOf8J_Ac_9ue1wVoVio1cDGJ5J-Se2AI2s8PyMcT_ZHlJyAbzBmNN4T2N6q7nIlyzssCOnboYpaI8SjpYZAvPu7CDghVjprom3dE4hXStKCXGkjOunRfCpAmobduePC0L0gNDNx_oNLYvJCeR4oeDrTDCeNuZRUXkxPjKhZeL4OGmRD-AHHpdXXAVNSHrCsE9i8cKcarWq98JYMRXv8FyJ6KztRlKeupoHfH8Kmpp29l3m9QJYdVd6FS3O7MVhkT4HuZPF5GRxgSFBNbo1I03_rwyOoiHoqhuI7efI_Zn7bHTxo1N3S3x9D4NjZCSCcbjK_7_Imy99DiMcA6vnYmF5CO15SmTJHWobPYOWZmIO0l4klwXJPAA1c4fa2Wmt0r3AEvJHKPsmO0&cid=CAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:22:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9850 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D9ED 106 KB
38 KB 83ms
16ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Origin: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220824/r20110914/elements/html/ Frame D9ED 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220824/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1SCzXTPaIEFELvrzzz06i0UPDX83hC2w9LmmI-u5Fyl_uRccZZDYnpoZv_t_JL5pxMwEYGtJct-2_v8N3XDMnFKjg3w&cry=1&dbm_d=AKAmf-D47tNeG6LK3hqci6qJk8gfleB2b3T9NwZgTRwrGL7Z0KUhwGb-2ibC2HO_1FKnLuE4gqcBe_7SUtyiYCBFBldpw1QxYDXYC9IxilqGcGgXKcumTippjp3n1ZZxIvloabsmbsi6Jh6RS4A2FLRBkewiYZy6oAWIoeHUrrXkerA9matYdiLKb_mpLVIsRS6QYmyyYa5ssITM_hPf3EqI1PMgowRl15FVSpAXF4fYgCRev3_AJqu3IqhV2f_z876bsA_DDNeSeFCtGbTQc6Ghn97y0PcPMy6eiowbEY2WC0KWHXYKg03Y-5wRZjBQulXB9tP_eeZGZ43HNcHAG-bYEl9M2j4LFkS89dPXmut_QUaydocdJK3pIOVh2zaqoYdK_rBiiF50KCqp87rnsJESMgRVnK7nN0XhR3IEBG5TsOmd9XgVStkQVlhm0ji_wdSDklKt-ArMPoaRG1jZsPyL58H40QRfp42IWuGZJLmA1CdO2msXq15RS1WI37NBmfYBvS3OgRdLoevb2lp6toa41jHwH1XlOfHp0FBdMruNgMYDkYql2f8Wi6dmif117PTinD15wznRuPZQNlZHU80g7Q9HwxBUP7Lcw6zarPsoHqUailDxsy-ttCOnjHqxtTtXn1e9twv-poiuwtnAD0j2hTloCO1SEI2uFi5Lmy66SuvGgNSJKOnaIsxizYXqxFPsF14RuX5myjTduCd3pBER4dvbbNte-vAAdlCPyDsBUkjycPJoG_C1iaDzcWJrr73w5K9hqZ531KXugAn8dRQA7rStSjTWskrXPwRL5xXn1zf792dW3ibY7bkoxyWNa48lBjJLCFQ67gHytNp1FE_1_U4plVQPS8ZIDpwNsF4kUFaK5IdbswB171oRXFfa32GbD6638bwwD4NQrcQI7Pkj5xWDNbncOVN7Z_yLoOBrv6t9d-RwERrUDaQelyJuq51ZtoiY7iTeqxrp2zMOq0yDrQKKi9y_TjU6hqTWWzQX1bgFn9HehDGvS-l95JbquuG7_dPyZOZ2f-GZzfpLcWoc5XLuVqzQ37dXtW7LGg-nVH_3oLddHHS2ObOthC0YqDnzceFG_40oL-MLHDzVLWPnKd8Fy91h89a73MRxoSMGyDbEquYGgn0sPGAvdcHogfxYvK9Fsa5ibqu0ChxZ5FcDYvmII5Pf1ZpuPP95d5sszkObdvP_erVrN4E4PXTHAj0qakE-grmTZdzFjC8czgJD0e99O5lKMWFDg9n8ffjdljyxcgHm-dBBj1npEewyn6GEDGdsbV0WkUJg7BT256qrHGjLOPsu9qGolW8DFGniXMxiNqvgkLg99J9TpBtNBEqKO3RWkDBC6AA4IfVoaCYL_sJ7ZSD8W6LVyZkua2f4iulOBtHHJiXsaTb6CLpx4LAwasIpJWgWC_k1kuIf14-PW7yZeyHaMtOGkgI-lLdJuqqEUYk-jWVWAxPt49F2-nnCfNypNegIkoyOznkBM_LBivz92qDg3UyJRIknUeou7Att6bp6B1rccYgzM1aRNZv9JyPS0JoSNwrSXTw2f_DK-A-nczOyKuTTUKwoIpqzIhnKyAztqfnfysztnlRqyXkVS058D23DW4xHR24UPdvx9Gt4cb8XyzM0-E79-fWH8oaEqOSpTKGrxQ7WU6XHWxGGdJuSXwy7dRQYa9bBFCrb0ApuQj2eVKnFxM892EWI9wK7BXRnXNTEVYYoca2cCz03sYdHmpT7BJR--C_n1G1c_LqQVRxncfDSi-_MbuftKmOzt5ThYbH2Sjr1Aui1TJpjZFewUeQpampImChiRuo826XzPXE0Td1M3_DdcPvubdZkmlUJrfSXqMc7Runt0uJnrDFXOAz39wQigpBfGpZUvQQlY5gJ6MMhkjTfm32CVWFvfeMCqzFl2_B_Qm-5VdUoFQlZofhyxz5ExEqt5TEk6yFrP0VgUdr8S4_Azmus3VuDu6T9_iw57pu74zM0zwz708c6pSjsER-SQD1XQzaXIAoaeGDQ3YdCeKL7F_RUa6VaOQs5grMIUtM3UQLh621fmKczvwio3skSUpcfT6c-u1v7Pf6Ybqb9VA_ic_N43Uhyvgo1lWZIXjFu8Ir85vczf-15p1vzhGkhcfhnPlpiDdatUHz7ruPWFcKsxAGocVTKovWBqfvk3gfvWgHYHDQ74W3yCzOH22BQ3H_RKiV42ZJ7vNjfmjnL43ckrTbpnJy0mEkE3AO2BZM98oXLkiFWJ-5y-HBr782tvMNWw21rzlXvfCSe9J7dLHe6paxvHvQ5a-eIHUGY1zK0_JhJ-wvQBhPKken7K10bUQUx_V-eBRaEex2e7O7oAunhIf3Jm3b77NV0gpxWlJ2M9Z8rx_H966l77HTJ97h_kulD5Yta7Bm1iDgLlgmavW93n58ySMV-G2fgT3aypuUK6XpY2_2AYlzKOdobiSiSic48tvdpuPtkVWsCtrhxuN8JXZ3tJxbYPM0E7Cc2E2r0jzwFU5rh3lEoUYU9frhvTuqD5WRzkGYGXzoU_Jahgtc6FL0OWeCY5h1m7x0NoPLvLZmO4BJbur8eQxvWFJOQ7svrUZeOxdY7KUkXIYBNYU6AjU3Wr4LgP4nLiB0ayENHc4qhZZOjxryVstoplFxdn20fcsjZdMdQP4u8l3JzxWB_MAm2WECwvAlLlN2SSJCC2pXaYsMN4h6LuMEhm-tN5G2yq1RjNoZ0YwJUqUqLmu1YvgcVRR6Pnk5md4LGigyAOS_q_1qxoWc5Zsvzbs6DuZsDxO7S6wJ29IJUSfYyG3T-9T0h4EcjxMDrGQAa54skVn-l5DdNXU7-qfcW6Oi8mpvY7i-aKCXTOaCxhWRmvSrIsoiiAeM68dCMspgUxVTPKlnOqskHyux2KGR2Gc65nH7GzzBjVmcYA-WrBCatn1feWrpVI62UqEjiahrK2FkprDnxSmIbPmDr54SdhS5VZ9bXTe77HnfGRR2g8LXX1Zor2Mv0RRBNa17WCccvEJF0Xmip7Cwcmwkkp4SmUDt01TLyWdBH1HHVH8MyN16IPYYxQvtRsvbUxs-sEDhoM7AIBecEzCf4JveTMRXUzxqkhfzA_nnZM142aslYJx5dXW4ZBzII_BS1M9AoZkvnvDXisuIQHwI2h8AcIfLrQePGKa77qkTLo0VREoYmFQ&cid=CAASKORoFA5K6JCJXEZJfameLe82SGqJvGG6m2hyK3DGdpuoNzQcmM1QmeQ&rfl=1%2Chttps%253A%252F%252Flookbook.nu%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:22:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220824/r20110914/ Frame D9ED 30 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220824/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:19:56 GMT

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame 9850 11 KB
4 KB 104ms
36ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d5b0a79c59cefa6d40a282491989f651a5e185c6aa72bafc675cdd37aa583159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 09:25:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4006
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 57CA 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D9ED 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame D9ED 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910203de6c08fca08981d79adc040827b3b166b9d43599dece7e5b53ff44654f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F1B 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 57CA 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:48:53 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/762292649258806589/ Frame A27B 18 KB
6 KB 55ms
16ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/762292649258806589/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc09dc08a6af94ea912b26dbedb28cbb6a859b6a481a2cbc5a8fa65999e3488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 328728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6218
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 14:06:19 GMT
expires: Tue, 22 Aug 2023 14:06:19 GMT
last-modified: Mon, 22 Aug 2022 11:49:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D9ED 0
622 B 126ms
67ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssizdvioZgbqJHV1tAksHEX4-nbsxS3TXjLelHIdDx_NyOZrQk8odwmLe0PBAu3w2naMS4IASnaPTHHboGRN52XDDalyaaGwasVy7Pxvts4n0vmxoHmvEXpSW-dmnq6B7yqUMt-vWKEe1nUoKy9qRE0fH3Mm_0KQnZOilNYKBAUmWDs22gxwR6yB3g6d5uulqbNiWCaOOIretRVpfoFdr5C3Zuk31Qq_yXF2qFiEpTI5SOC40muUnyWWopznQykG6-pAOZzKlV1fO6NDwEHqeiVvr7w5HdPktZOjY78uddt6S--YyI_JNPTAixw2fs5DU8Gk_wG4igOK0y0nK66SwnuUwVdQcuBViQ3phNRqsaogSCczvYdvuubPoU8Yt5n2aKUUd0502sbMVYxQWQFFwKcR-xUTmWHAOHgciD6LOn-gwWZ5NtswgXO4-jvjqcAMHPobsCP_RNSYAe-vreAWIkcW2PNMFxBjDbpaRlF6f9j8mTAbB9QgR-WLE2RbILk29ekmvpUwqwGZ23rjUe2rQdTeT_-SFDyTjHzMm4Q9uB0bcPkqeB04hYbf6fpCs6p4eme6ootCc2tfoFUClMqAgLtFT8_i1Q-78nBNNY095iqMn8AE5CVon-X1dR_K3rxs75I2z4b0ZSRzBELeDjU8ovtPmun9uIaDoOJ0ZR3IVOn1tSHB9q7uzUfXfdznBqvuOVQaKqzYhtMpaxViheldEPDt1cw9S4e47V-JX74KiVHv0khjFaHDyqKyJ8MGxBqOXfF4wzkdDE3KQEvEsExXjBCIMZR5OKh_tBmuGe0hvYzxBv1OWJekTxloNcTLs7Pt7qM5McNwrIXQ1dDiEiqYWi7UNMdJ9LMJoCmZht4Ja-N4infFYGArDUB0n9g0x1VM2kGskNzKbw5R6zsFEB3jyV2ICh6XswD1btQV_9LZ713rhDCzLPvFPVV7efqQiAgCx7EN6p6oyx5WECdk3wfho2hydnS3QnXpl6jkyneDrK_S3vUcRqOOMgLy65aeuRMB_joMCfBIFxrYhElDcvwMmS78nHzHHsASx_QFnfrQKgS3YZJe3xEvRUZK5X5B3Q-t8aCE2JzGMb3lrYJRLbFT1g0HnkkbN1r88oR6J-vIvKuLiAsy2HigcEKnMQQrgqSJCOr-WEiRDAgh3DCySFJI2SAgu83tXgDoPxW&sai=AMfl-YQO7slfYqsdviTuGrexg8qUdLCHIh6CKPFzDMye0aqu2Ah8JHSbpTec9Ez4PVNRYyf_K7vi8w2qCyiMzNYB74KbJQEPM2p-LBk5WzcXDJUpPIq4G-AZDJI6lYF_MFuW6jjfinkKYhDDJJU78KIILWU_L-JR-4WGrRzPVJXSxrdmnwRGj_qzkL9B6p7g2tvbsjOoeHH4jDuMooc1L58ibexWUyuBTVgquw&sig=Cg0ArKJSzAP7tu2_hqMNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&cbvp=1&cstd=111&cisv=r20220824.98936&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 26 Aug 2022 09:25:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame CA94 0
210 B 88ms
34ms Ping
text/plain 213.254.244.107
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=5273aa32a874496090d623a1303e7f25&vfdur=230&cbust=1661505907828895
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.107 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/25/2022 09:25:07

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame CA94 0
210 B 93ms
35ms Ping
text/plain 213.254.244.107
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=5273aa32a874496090d623a1303e7f25&dvp_ac_version=0810&dvp_acibv=&bsigr=19860187120128&cbust=1661505907832793
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.107 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/25/2022 09:25:07

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CA94 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Aug 2022 09:29:42 GMT

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame 9850
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

208ms
120ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=3594412255407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 8895fcf1b7b8617a9edd14174889ef3bcdc3cb2273aa059284fe79885e50f4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53099100055973800710616012063014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Fri, 26 Aug 2022 10:25:08 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 09:25:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=3594412255407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 26 Aug 2022 10:25:07 +0200

GET
H3 200 kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F1B 36 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 19:48:53 GMT

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame CA94 54 KB
21 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:29:42 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame F68E 61 KB
23 KB 118ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3578958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22334
timing-allow-origin: *
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "605c4223-f455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8yFGy8L%2FRjo7s%2BVoQxavuj1IJDyby9%2BHtDqRhNWknIoF9o%2BMRJRJB09hKqx2n5RzUjRYuoqifgRYEbBr97Nt3ts3u%2FRSsLUrWcEOysZt%2FSvRq%2FW8XAIaBX942Y7dJ2I203satcRMtwbiJp3lgzBpt70"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740b84b52ffb0204-ZRH
expires: Wed, 16 Aug 2023 09:25:08 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame F68E 7 KB
4 KB 165ms
100ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/CustomEase.min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7074209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3301
timing-allow-origin: *
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FAvLZzCHJ1%2BSjDxJW%2Biyd2HxDoFP7Eq59GGMOBHA26UheSpUjDKzQDjhAc8EAed58ZmookPPtwgruYRH8AlJikNuk%2FJLfNqVKPfK%2FlcIww7PLjv2Z2RKeahyTts4Cboxy2UNcRW7bxwXhEnRWRgYhQS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740b84b52ffc0204-ZRH
expires: Wed, 16 Aug 2023 09:25:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87DD 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt2jyc5EIY7_qGYP97_UPqsiOkAgAAAAAOAHgBAI&bg=!1dal1pLNAAaXrHhMt6w7ACkAdvg8WtDYqdAj84mWXSiMxzNP72KEh6fhHbFAUNQ-IZiM0iDDHPqtAgIAAADoUgAAAANoAQeZAxgPFoKk1pXX-UPjgX1JWztUJ0ru5Z9q5nTzHaYeBZfhDr7U6TUwmUUCpe9S1_eV5B63GDg8NMtRTIy9ZTwPIawBnsh7LiaPg-s9jeKJvR0bsnphdM0zd3naEWS3e5lxsUznH0LxFNwTtyYCfsivpyYbkAeajXhqnspPDG5yVOzttv7cdnRFcWmptwRRtA_sxfe3uSONWRIPe2wwIBzLuRouiSwp6Na8HwoXXdJRCyUwRMBseoWReXl_gTT5rkqgBFNWstsEWj5WJTizmJWtp7qvXH40SCk1UIFoWp90jMs_skM_3tOHrsOTBTGaMaUjGQEWTwZAPEks18KZwXA1zfchvW0YiHOVbuHTYDy2VIKTCxRf41JwYppG58Bm7W-vaXv7GRNgfyUczrEz792RQLajFnI2QPzD5l_Q5lvjp6ERY0cadhaCs7nXXFwIVXT4Aso0Lb9z4XmdXwrAs0O33WoHZm5Siwjy3VdXBGvokuRzeEXGms_APvk1P9JljIEr6ZLFeFaXWf4so77uhwn1_aV-xo-EYVsXhIHpf1GcnIujzDQmxf0rsHh1a1fEhaE5SkG8q3ze7z9m2px0F55sEKooDB9hcuZw83REB762PfXNWEbcq2ySz2M0BtfycCW-lALq8QOOiv7mgFvPPBGNdEmkw6n618QQwl84wOog_sRhfPrf-9X57lOe04925FuPHfKu1wGKQ_maS2BbpOaOtmI3_r8Hl_pKNSko-AIyrMkFJ0mJnwERidfIhALlmQmCgr85tDB3nyls09wMigkHaI71B21EQ3w-Q1JdAu3EVBwUbQbGxLBMK1MInT13psJ-6lmfoZLUjrXUYSBQnu93PccKyZbTzWTex5jssFJxi_FJR-8yVNmPISG8GjrGDwock5tdolZK32szQ0lLtgT3yfemZb1vKRLOurrVZ2NrJJGuRtl7-jFauUS7Fxc-wY5Vk-xswp9xWOHvptLBGxOF5F5lQE_8qSEo38JMWvnuzWajj33NphREXDLDCOgqI0-3WpYMrP3K_hao1DarHrGrKnOX3XBogFuMfI0

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280630144;dc_ver=90.265;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=250412649;ord=8nq990;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Flookbook.nu%2F$0;x... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame CA94 48 KB
24 KB 176ms
86ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=250412649;ord=8nq990;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Flookbook.nu%2F$0;xdt=1;crlt=SKB7WXgg2W;stc=1;chaa=1;sttr=64;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

2423689f277bdf08a684361dec979eb68a6ba20cf6b15b78a46a49135bd3d252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i_CLy7_50f02b0c-e228-4544-9dee-0ae78aeeb312_bd758c1b-1467-4b5a-8cda-75a64c513d93.png
s0.2mdn.net/sadbundle/762292649258806589/images/ Frame F68E 3 KB
3 KB 16ms
16ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/762292649258806589/images/i_CLy7_50f02b0c-e228-4544-9dee-0ae78aeeb312_bd758c1b-1467-4b5a-8cda-75a64c513d93.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

531522093bdd936f176a6b8f0cbb62fd9744ed9e4a6b6a014000d5c850825953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762292649258806589/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:06:20 GMT
x-content-type-options: nosniff
age: 328728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2833
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 14:06:20 GMT

GET
H3 200 i_CLy7_6a9ba382-ffb3-4e68-a821-75009bfcd442_b9b17382-0a1d-4c97-9459-a0fee2f5f852.jpg
s0.2mdn.net/sadbundle/762292649258806589/images/ Frame F68E 24 KB
24 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/762292649258806589/images/i_CLy7_6a9ba382-ffb3-4e68-a821-75009bfcd442_b9b17382-0a1d-4c97-9459-a0fee2f5f852.jpg

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14787442470b33a47f858d237808248264faccb77310685d363d95ef7b005eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762292649258806589/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:06:20 GMT
x-content-type-options: nosniff
age: 328728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24505
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 14:06:20 GMT

GET
H3 200 876b380d-edff-4b11-a73e-2bdbde774622.ttf
s0.2mdn.net/sadbundle/762292649258806589/fonts/ Frame F68E 6 KB
3 KB 17ms
17ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/762292649258806589/fonts/876b380d-edff-4b11-a73e-2bdbde774622.ttf

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8140a179e1c853c6c61babb21279ec7d483d5bec132bbb13be5c00b68dc7b99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/762292649258806589/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3138
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:49:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 14:06:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57CA 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPSfzc5EIY4r-JcX4gQfa5JuoCgAAAAA4AeAEAg&bg=!FBelF1PNAAaXrHhMt6w7ACkAdvg8WujKbqvOPpjURhpBVCDcaqyMYsdlSzm4IkrXKuj29ZuR95CVFwIAAAC6UgAAAANoAQeZAySz_uUfmFAVrlANO9g8xgIDwcQU5Wxpg6RKBLk-P42hK6v9PlwETBlM1UdO7ryS9VDKHJOGpNSTCl3PNJgYqDjG61g-U_K2dUUvny6xNvAbOyUxmvugpyAYhCefoOtoRWhIt0Set0_dNVNYFYY2CECz5F7BotYHOESvRSkqQ2eEJOEXIzkzSqM1dLaxKilAjMvezthtutxzirvNfzSNkc0DTM7JarO_X3AIqn0H0MTjWGoRBvsWLL8EixYx5qFrx2EhDd9-Q96IrxLr0zvQtNdjaQQ3C_d9I9QfTWNX1hMHkKs6ojZFC-goplYut5UuZe0FNTpSl0W3gjxqeYrQ2RgAdG_3WpC2Qe1nfcSOjEz54J0vK60xRIFWIPOlmNjvmcMXvlbdxh2LY7hcd74lF-fg0cG_yYTkWuIQqQdPsjJFscNFdDXfKaNCZeiOn8SME8SN49aa8XoUKFJGB_g1LEv0eheR1lFlBpnjAhBbojDVmdZkhsYNjR5r5XeD2eAxAHr0uWLL6unNvkCpdVehWv2UgoPXbo6cC8mYH-0cZvvaQwQ0MJuLcs-a83i2bY1d0SRy85JHMC2JhOj8tLfCSjaWK9iSd5FzFSgSglCa6CQslCdvu8DOLtnDQkcy0WMUE1ynKDhaGcWGirWvQGJCCynKUm4Ll5x7gTQBHXcH3pqCd6R5tcagcGk9WG7ESILzEYcxMOjFqNkCh4MwSZjrPGiY2nEgu7rdqrGBbV4-bqDYxTzPYfjyk6Dt9j_-5MEvEqcjdO9v2FQoMgZsDuz7KVikR5cow43feVt2rSwupl7Wo3AdDZN8dbzHuwrPtvccRbfX9h938TQsqkzWuNOfhI_mASt9UrBX9d1RbpszqrMBj-BchIkjboz5P_vX_ma4UnS92sZ8LgwyP4INo6nyHGAcGKHEyQxeECY6koqy2c-f-v-xNZhTrDbOIf-620Q7CDOtuMuS-8jYhBeOHFVhoflweTzm2eskpn2_eHB6_twdF9ms0rczzk5eZllagzt67Bhn77Jlan8wnoRvEktHMUttFfEmD8Dx1cb9M92ES32sAg9KiZo

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1B 0
20 B 78ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsLL8c5EIY6D9JdrDx_APw96RiAUAAAAAOAHgBAI&bg=!HR6lHlrNAAaXrHhMt6w7ACkAdvg8WgCW4sroJsUfOj-Rule7l2Ewkw-ZIlak-4m-A7NJuvAxZYMVgAIAAACIUgAAAAJoAQeZAx8Kh_1CPneB-uggFznaJCKpzCWLubtCcIkMeoXOLbOncSiUR1ofUtrfJPVXJhjrnd2ZCXYLH2YWmlJxvzLymGhtD83xltSgRI7i82XZzGFLxQ0hxUXsUXw94dE3WU1ODdFTmPadx_i5N07rlD-QhzUy1AE_LCc-fz2jKmm18cGThBvVVU3wDTtYaIzFum7hdwziRSyu0B0QuigsLNrbCRX5F-N9y4Q9nLOQ6OJIpZfQ2tLnHbzgSN9Tu_GHS_q0YInEfFSPI7MHSpFs3wSTRdpXzmqC-5Sc8ZRTYlhOKSKR_yZQMqQj5cjTONAKnfZMJPhKqFdpz4A_JELeQ87iMeMkL2bCcA8IxhjWAwBUKuvfeAan9ONi3kef_vCPl9O8uebS-Hr_IjAu2QoNbIpO3jPAEHk8jR_PslI6ip3I6iJWdxaOG9Hn73PlA3Hq2JnyAmPdKjQTMMo_WOunWF-pwjESOmZ4FIIQzJFpn8-QdStsqaSLd5wxShhayc2OpdjoIMa6Esl9OvVemAhrvFsegH2BQZP24PwNYRzEdFmK08HNazrcUWV6rCckD_VT3xXMZ-9mdgwthbCYgM5RTk7ZHEiY-xQhbNOUsp_yVQulLMjLBTLi3a4q7YUCVrEBbZ6nKX2tNkG5v7Tm_evFVXY570ULIWotLowPN1CgAT1Xyjy0NPAWl7kEAKJGKKdptCg0lnUOMHyQtqoLiVe4a9bh2wcFKOLfSYWMXsihFOaGcSdDllQcm4v5BuIbvpxoNp_LuQt4MRM0oioFH2X900a4pCsNPv_Y4CkPnbIv91du2XAkcMWcKwFSaY2afBe05IQRGR9NfcGxXpnsF2CwlIIGEeJtuIwVcSjZh3rDy1AivgRmQxESelH2LfyinfQq5_w0i00izFa0NRKdBG5QrQHbKEcJdxT5kamaOWFKcY1iSGC4KeEnvsnEvG7V3587Imh_iY-r6PRxmMu3XeQKZbNiSQ3PhATzqWfIsZr-0BbQA2s3yLOc93O9dk6FQmw1ARUpczwn2Iqpt5_kgYuccWV8oXSfEydprRTuNTJwY3E8-4ez

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D9ED 0
26 B 145ms
70ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssizdvioZgbqJHV1tAksHEX4-nbsxS3TXjLelHIdDx_NyOZrQk8odwmLe0PBAu3w2naMS4IASnaPTHHboGRN52XDDalyaaGwasVy7Pxvts4n0vmxoHmvEXpSW-dmnq6B7yqUMt-vWKEe1nUoKy9qRE0fH3Mm_0KQnZOilNYKBAUmWDs22gxwR6yB3g6d5uulqbNiWCaOOIretRVpfoFdr5C3Zuk31Qq_yXF2qFiEpTI5SOC40muUnyWWopznQykG6-pAOZzKlV1fO6NDwEHqeiVvr7w5HdPktZOjY78uddt6S--YyI_JNPTAixw2fs5DU8Gk_wG4igOK0y0nK66SwnuUwVdQcuBViQ3phNRqsaogSCczvYdvuubPoU8Yt5n2aKUUd0502sbMVYxQWQFFwKcR-xUTmWHAOHgciD6LOn-gwWZ5NtswgXO4-jvjqcAMHPobsCP_RNSYAe-vreAWIkcW2PNMFxBjDbpaRlF6f9j8mTAbB9QgR-WLE2RbILk29ekmvpUwqwGZ23rjUe2rQdTeT_-SFDyTjHzMm4Q9uB0bcPkqeB04hYbf6fpCs6p4eme6ootCc2tfoFUClMqAgLtFT8_i1Q-78nBNNY095iqMn8AE5CVon-X1dR_K3rxs75I2z4b0ZSRzBELeDjU8ovtPmun9uIaDoOJ0ZR3IVOn1tSHB9q7uzUfXfdznBqvuOVQaKqzYhtMpaxViheldEPDt1cw9S4e47V-JX74KiVHv0khjFaHDyqKyJ8MGxBqOXfF4wzkdDE3KQEvEsExXjBCIMZR5OKh_tBmuGe0hvYzxBv1OWJekTxloNcTLs7Pt7qM5McNwrIXQ1dDiEiqYWi7UNMdJ9LMJoCmZht4Ja-N4infFYGArDUB0n9g0x1VM2kGskNzKbw5R6zsFEB3jyV2ICh6XswD1btQV_9LZ713rhDCzLPvFPVV7efqQiAgCx7EN6p6oyx5WECdk3wfho2hydnS3QnXpl6jkyneDrK_S3vUcRqOOMgLy65aeuRMB_joMCfBIFxrYhElDcvwMmS78nHzHHsASx_QFnfrQKgS3YZJe3xEvRUZK5X5B3Q-t8aCE2JzGMb3lrYJRLbFT1g0HnkkbN1r88oR6J-vIvKuLiAsy2HigcEKnMQQrgqSJCOr-WEiRDAgh3DCySFJI2SAgu83tXgDoPxW&sai=AMfl-YQO7slfYqsdviTuGrexg8qUdLCHIh6CKPFzDMye0aqu2Ah8JHSbpTec9Ez4PVNRYyf_K7vi8w2qCyiMzNYB74KbJQEPM2p-LBk5WzcXDJUpPIq4G-AZDJI6lYF_MFuW6jjfinkKYhDDJJU78KIILWU_L-JR-4WGrRzPVJXSxrdmnwRGj_qzkL9B6p7g2tvbsjOoeHH4jDuMooc1L58ibexWUyuBTVgquw&sig=Cg0ArKJSzAP7tu2_hqMNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=415&vt=11&dtpt=301&dett=3&cstd=111&cisv=r20220824.98936&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/gluely

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082401&jk=4104596178045129&bg=!enmleT3NAAYUOm8VNDo7ACkAdvg8Wk5eYXXQNBdyKBS7C91mvty4oop1xe3PdmV1bmt1SyybfQfbFgIAAADRUgAAAAJoAQeZAt1RC6kmWYeU7eYK-mRErTkLL3A86dlSwUaVtD-McpMpT78fKsF5uQEmYcRQV7qySaDZ2pr7TJVTcNKWkyZhFA0EYyBsAStOpsjqjy2kHdAXsgoXcYGIrBUZIcdXPfHYh_drOP2BzvuYk_dz2jjeVd0x-kXLeexePj0pG5JXi-Ad7mRBh7eg7KEUO1dIO7SBSyfcE_E7kcdpPTJXXJXnfgn-XFumjWD7tG2amxEFNpBgtxUqOUbf8QxcwuzsFZrrYSAKB9ACsvEKPp8g8JaaWg8GqZ9aWRmctAo0KnTgi3CjaMTDH4PppJgAGXeh3EwgIJjrq7leCOtGsecdvn00xsRHjVwoTb_HyNI9xCoEBvtnE2hZzbI1ZWwmKvNz2XopC2NmR4zbC7FMwPPgfpwa6lvxWqWPKkuOIpDOmcuBS5mYkRovM_NQqGGI24Jj_3fXW1-aKlcKM9uAZRM5iPC_Dk1mm_mVUeLep5YuJJtFZbaHKYsJS4AQ5IZU05PgNftcAFKMMWOPkZTnKOVzpZezzTd_xZnFzeUOlOGn25m25idmAgiqrKQu3Lizue4b2pE68Q6u2MocQ7Ko48Z-5WZPfCIw2-xibwE5l9NtrIc4ilzov4hq5q3-vNqIcepIJJ7b7C_Ylo3qEl0OMBgOeqm--v8EYHJQqEILo2-8sptquODj4p-uh_rqUxv75STFP72mByaK6xV2pA-l85NC-YkWCE_HddyQqBTzM0Dj90ipk3xYxDzUI_9FVVo7s-cfbDDSSu8mVy2efQ3o32bWAH0hynUYDYfJoT6sL3AvsyQ257QO_6FfQG-5qxG5KXViEAl4WFakrbZRN_87IsoAWhEoF7K0B-UoWa47zWhoqMM8mr4YDRqZVeFxhvGhoFQyNIF2Ezcp2oNmNdIcgUT8mE4-Bg6KrcM-TiN7rc5c6q35TP_AECiNorTALr66elmGMI5kvEV2S5PqCgeGjtrl668r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame CA94 8 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=250412649;ord=8nq990;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Flookbook.nu%2F$0;xdt=1;crlt=SKB7WXgg2W;stc=1;chaa=1;sttr=64;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 09:04:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA94 0
26 B 88ms
69ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsnuHwlHtXrB59PtaPo2Dq-ybOamFZlC4Ks_z-guyNRu6CklK0oWH39GU8d7ezI0DGA8-Cq1KRFaP9e1NYrbZmBzoebIMvxGKR5AXDIyDxLL5irpGC15T03e9WkZM0-qTMrHGOuVfgmyvjGWFrbsKQhm3cew&sig=Cg0ArKJSzCp9sU9Mv3T-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.93218&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 16962963768266320094
s0.2mdn.net/simgad/ Frame CA94 33 KB
33 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16962963768266320094

Requested by

Host: c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
URL: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 01:11:29 GMT
x-content-type-options: nosniff
age: 116019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34175
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:29:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Aug 2023 01:11:29 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6895 22 KB
8 KB 51ms
50ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CA94 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46ce667a83f9a09ef65283e08bbc476199840f6826bcb8a33eb60570df0ff98f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA94 0
26 B 67ms
66ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 65A8 4 KB
2 KB 119ms
41ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=53099100055973800710616012063014&a=bc9eac12
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=658ff7e89b&subid=&uid=d927c81c0beab9b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcvCSc5EIY7I565GO7A-mxoegDrXN-YNXzN65q-UM8C4QASChrtUZYJXKm4KsB8gBCakCGkXcm1W6sD6oAwGqBOYBT9B2BGqWNBLinZFMHE8NtOcuF9hiFQy4OXLlEqdyUnd94j2YgL24UkicCPG9G07BOz6rRHpJ-TcHfHF7CJ4m9t5X_AWVQ23udt73HUxjGfNSOXr4PYGuDEH1CE7qt5bQjR2ECV4qQJ219YGqqlhSz0ltW4OHKOn4OfOSw4NorYF5Ftmcm6JCPjgB7dFqi9sAl1dIQS3XV6wBZqN1cATNeOgM2AxHVsQ0N4jIcaiKdoH5yLvbX8EoulhJ7ayfzxHhl8xuaMnQlgjqo4OHBWtmwOAigh5trCtsSwxiWUU4Hl6HK_e71VHABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoVWHTvy4flwoG16IrAWVEIx5lKm9PKJi9IMFGGlOsqwRt6VQK5y0%26sig%3DAOD64_2aXWyLNcYV7w3jfi0469QPE3iDhw%26client%3Dca-pub-0790894148451785%26dbm_c%3DAKAmf-Byx9AEu337Ezlk-_KcB-_OWo50l2r_gnU-CxxlvsIE2x99rHX6iyBjQN6Hgp1PWB112XKxJlSEGD1r3KSziqegTemVekyEC3xAfE37eMiRU_G4nlh3l8XhUavgco3IQKL6WDktDKWjIWi_zp2muUGwywwAjw%26cry%3D1%26dbm_d%3DAKAmf-DwWaOIjpDswYI1EZ6ueTZ2mLBrdgz5buFWbJ4P2KnAy36XhSwSHOsXEXaBlqsGB0cuZrK_M9Oj7MxsoNPd_JgIWPLxkNdcz4TeRETdy_9Pkw1bgdtfm3v8D5kSWtdRsN_6ZRjYDRFk_Qj5_Yk-yyNpNn8L62z-OIzM-VRkKgVupTDXToOJrzKmdSn_Cm3NqEz8VMiPXF5zgjk6KDVVYz-CUg7K9HU7zrKI8WMinLzd-5VCX6pgtAB-UnqVxDpGgGpDRqAT0r3--JoeL1NWAaLOe8h_ACu30sgtlYl2v78xvv5ANkF_r_JKSkUv3DuAkGGhza6WOukNgJymCV1iRUUIkMxJdKYF6GDm6444lXCmpK6adDzxBw4R1krPP6XTW351wAvIu6RLBTHo4Gjn2J9maftCz75MH75wfXlSaxGBpl52wMRr6_AqI5eFrz3S9jnoJog7OLM8oUfhX27u6HnMUb7BaP7obx0ImWfjfFOPyZ8GY4MI5AtLNsobwVaRvwnfBzmcDmv6kCM1oyG49uCk7hS0Hg%26adurl%3D&documentReferer=https%3A%2F%2Flookbook.nu%2F&ancestorOrigins=https%3A%2F%2Flookbook.nu&random=3594412255407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e11bbd11773f08bb29f514237c629fd67d8a05ee19be980c0973dc09674deec1

Request headers

Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1527
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Aug 2022 09:25:08 GMT
Expires: Fri, 26 Aug 2022 10:25:08 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 9850 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 816841923d3e8e43c14df0df0a2bf842c216ecba320bf45ac6060f0f56e2873b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6895 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 15:21:29 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 65A8 52 KB
52 KB 115ms
37ms Image
image/jpeg 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=53099100055973800710616012063014&a=bc9eac12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Waldshut-Tiengen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 09:25:08 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 65A8 0
150 B 91ms
30ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=53099100055973800710616012063014&a=7121d9b4&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=53099100055973800710616012063014&a=bc9eac12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=53099100055973800710616012063014&a=bc9eac12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 09:25:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 65A8 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6895 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByBVYdJEIY9O7BbnDx_APx_-6uAUAAAAAOAHgBAI&bg=!nJ-ln9vNAAYUOm8VNDo7ACkAdvg8WnK0WzPMZQDYu34pa_QP6OX7bZN7lZK99w-XvhQVxyPxHsUoaAIAAABlUgAAAAJoAQeZAxsyjvrW2HM-_7LKG-Xz1nPECweB9A3zzdHlUfp8iZ_UR8KNfwq0CNUGQAcIYbwVfJtusW7etdPVaizIvMSs8YMMENuXc9IOGzYQWnAyG3g30o9wQsfpROageQaTe7qDFjIoq95dMC97yUq8kvNKz8o6OOpbLv_1qjtn_7q0TikV0gcyYaSaVt1skLo-V4KPe1lEYDaIJb-9lidXa1jvAh0ZZCLUltUUwtaasIUt1mTI1TlUfFPoSupeT9gIYiy0z_jdOzVgFI3PfxEnuxYPLhDTwwEZy7k2PomShsGewL4_Rauqgz3-ZuRqncpvVQ2XukhWCrfFDvYoNqbR2FwHIN2HNwmkAY_wjr73UfZ_9aqYzCZLOb2Gx9OQQ-W0Hnn69PGl7Z1hMLU2ei8U32vcFjAJfTarvGk02UGA3tW4UTg7ENbkKhju0TmYfmgdOjfWgkaThsyfNaViWTeyyw2fmiioVCIvJt3eayMDRVrAXhJnSTlgzU-KKuDZD4kGqqPVU4CKrcrkLC0tlz7iLV0IBMWMmEvBXbtK57eQz6O5RVfEoWD1yGDUOqqDkkltVbkig0ti39dqrBL9b0FfomV__zauJUJlKfM0b_IAkiVZ05CE8fEw9jWeo6qW8mIlHK4DjHLNxLGkHOn99I2no4s1u_3X4tlIgtsinvGnoLCLezQSUGBwe2RyUJoS3T3wxRPH_M1OlLh8d35-rnywfqvbz44-isDreVwCJGpE_8HSvVFw__P0wS69lfzR2lqgOE4LIafWDWgW1xL6y_84uJ5sM_wdjH-EvHICiewRBbaHz7MA6IHrsPkKRggGdLpuWC_m02IROD9U_QS_LroSTuUBZB5FvYuWLSohzKrE5lo8XwqtjeH8grHIR9V6qFcX0GWe_wRbhN82t8Qw5jSW_elMmlN5HP9yGMR9DLOoPqmjkR8KMdtFmBPJfW9cDxl4tCLVMv7X3Z-phzohzOJiiOlIJErxdKk_WOaGYX3Zwsksd8ZPPkpK9Zha0B9C-2eQlesvi2D8f7La-iP4HjiIj-DyN6TnNDQj2jinSoQAoZY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9ED 42 B
64 B 90ms
55ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8587PG7koIqZH6XJOHrmSvrcN4AivE56k4R6P559I5sth2S7BHDPtkAkDwP1ZSDkEk-hLeiujBGKKAFDsh7k8Bm4sySQHiJD1h-7AEOLQuLzZVpih3M7JSpAw_BLOHH0l_2goRaI&sai=AMfl-YRsIHsBvc5OGH13m-u4jTQE0U1C0MEC5GKy1jM2R5AZ78vVP893-EYgJCR5MI5_3LUcjHur1e0Poy730SGUOj0Hl3-_m4tH09Fx11WAgmC7z2T-yWRsgQ4XxgRJ2g7P&sig=Cg0ArKJSzG8jetPpBFVSEAE&cid=CAASKORoFA5K6JCJXEZJfameLe82SGqJvGG6m2hyK3DGdpuoNzQcmM1QmeQ&id=lidar2&mcvt=1000&p=488,990,738,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1276300409&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661505907428&rpt=319&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA94 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDhAx8d1p7IKwYs8kRYA9JOmMR0xk6t1vSdXhhvKow9fgYTA4MkLMyIRnzVpjqxKy2rV4MPi3rHKh_9ExMsrNswrDehdfz&sig=Cg0ArKJSzOP-gE77KfZaEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=250412649&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661505907277&rpt=948&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA94 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYG32fppV_cqMwVA8DCpowH5gJW4bJO0bWle-xpKtXSetToDlERmgu3NCN7kLWv7xY8wPkFHPFK4MEJGwyNK0mLncw07LUn58a8rG8BxEX0sSi3Vz1vZIFthzxGg&sai=AMfl-YQg1NkSCWWRaRDcxIDCd-2ugmznwc2AP2eVHcBF-iz8RU24LH4AGg8DfX9Ntu7AUvWX6AwWJqqSlV0Kb3_cjQf50Aff9-94klNM5H06b6-pi7j8Yl0v3TD5Oj69nG1w&sig=Cg0ArKJSzKBTDUlB2mQ6EAE&cid=CAASKORoe_xYiN7j4G8Qm4s8odbAar6LrD4ycXdksIjR55o0wNNQCCzDsow&id=lidar2&mcvt=1002&p=384,436,478,1164&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3286650984&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661505907277&rpt=944&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lookbook.nu/	1969-12-31 23:59:59	Name: bookmark Value: null
lookbook.nu/	1970-01-20 05:33:12	Name: 1-day Value: 1-1661592306614
lookbook.nu/	1970-01-20 05:41:50	Name: 7-day Value: 1-1662110706614
lookbook.nu/	1970-01-20 06:14:57	Name: 30-day Value: 1-1664097906614
lookbook.nu/	1969-12-31 23:59:59	Name: last_session_at Value: 1661505906614
.lookbook.nu/	1970-01-20 15:07:45	Name: _ga Value: GA1.2.295022171.1661505907
.lookbook.nu/	1970-01-20 05:33:12	Name: _gid Value: GA1.2.1332779767.1661505907
.lookbook.nu/	1970-01-20 05:31:45	Name: _gat Value: 1
lookbook.nu/	1970-01-20 14:56:14	Name: qcSxc Value: 1661505906685
.quantserve.com/	1970-01-20 15:02:00	Name: mc Value: 63089172-b1ac3-d8f6c-62d1e
.lookbook.nu/	1970-01-20 14:56:14	Name: __qca Value: P0-671137736-1661505906680
.lookbook.nu/	1970-01-20 14:53:21	Name: __gads Value: ID=f38835e748dc02a1-22e15df907ce0058:T=1661505906:S=ALNI_Ma3Kl-74NDuiLrsXH8ux7zrV5YeJA
.doubleclick.net/	1970-01-20 14:53:21	Name: IDE Value: AHWqTUme8GBksymgqhqh7BgsZEEQXY2D7OR8DKKeUkRxWlR--wWTyrSSRbcYoTNm
.casalemedia.com/	1970-01-20 07:41:21	Name: CMPS Value: 1215
.adnxs.com/	1970-01-20 07:41:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>peL@>!]tbPl1M>e)ZlrFUfJ+tGXxoa>nQ3HU<Sg>kYm@/UFFF7UFa[81VgQj=4g3If)y3KL9D3I?+OOgjK*
.adnxs.com/	1970-01-20 07:41:21	Name: uuid2 Value: 169055873740150841
.casalemedia.com/	1970-01-20 14:17:21	Name: CMID Value: YwiRcxGkxK0Mt-aBjGaxSQAA
.casalemedia.com/	1970-01-20 07:41:21	Name: CMPRO Value: 5129
.casalemedia.com/	1970-01-20 07:41:21	Name: CMTS Value: 5145
.redintelligence.net/	1970-01-20 07:41:21	Name: 8lcfmzhxc8d6_uid Value: b8ca3bb6bb7ae8d2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
app.lookbook.nu
c.amazon-adsystem.com
c55bf315eec0e261ac77ae8bdf104c45.safeframe.googlesyndication.com
cdn.contentspread.net
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
edge.quantserve.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
ib.adnxs.com
lbstatic.nu
lookbook.nu
pagead2.googlesyndication.com
pixel.quantserve.com
pxl.qccerttest.com
rtb0.doubleverify.com
rtbc-frc.doubleverify.com
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
wasabi-files.lbstatic.nu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.111.242.245
104.18.19.126
108.138.4.10
13.32.121.21
142.250.185.134
142.250.185.162
142.250.185.226
142.250.186.162
144.76.238.55
176.9.26.250
185.89.210.212
213.254.244.107
2600:9000:223d:f600:11:615:7240:93a1
2600:9000:2490:f200:6:44e3:f8c0:93a1
2606:4700:20::681a:112
2606:4700:3034::6815:48a4
2606:4700::6811:180e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2006
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9c
2a02:26f0:3500:583::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.98.64.218
85.114.131.233
03014c182047b9c76b26a98e3740d9f4f066bcc1a8fd5fb66f1aade56f6077d9
03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c665a5e17360f559684cfd5a667d02cffd0d414e798418df0d4289ff98a5cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14787442470b33a47f858d237808248264faccb77310685d363d95ef7b005eb5
1852ec5957212ab1ddc679453216178799dd25a2c75985a885e7d467328795e1
1b0df5acd41c11fc146d64795aa729d99370a98109ce1e441db4ac0b7f69d025
202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2423689f277bdf08a684361dec979eb68a6ba20cf6b15b78a46a49135bd3d252
299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ba9b42ab037d3a52b2b76314ba3b641a70114b7e955dc90e490267bfe85d81
39dc63cb240d08c5d562a3e3e79971b21c51bf5814e00cf1fc0aaef4d267e999
3d4d082fd9cda40cc1f1079818a807a09a53ba012be168ece1995121d7a62892
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
46ce667a83f9a09ef65283e08bbc476199840f6826bcb8a33eb60570df0ff98f
48d53d03fec0180fb30303f1cc3b878e5e21fc235f6c4d7f02e38d5e8d94060f
496634f73cc1855a47222991cb85231e6d2777d5d0d76fd9db919715f608747c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5080a86288dc83628bab210ca5e067556e1bbe79ac0f36de8fd8f18847f23a50
531522093bdd936f176a6b8f0cbb62fd9744ed9e4a6b6a014000d5c850825953
5357ba543c71f2139bea63815e89a1c23422703ec30db40a5a213e4ee044c814
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
553678e59fceeacafd5154462c78076454ba407aa61ad43bb7d3537f7145998a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
8140a179e1c853c6c61babb21279ec7d483d5bec132bbb13be5c00b68dc7b99a
816841923d3e8e43c14df0df0a2bf842c216ecba320bf45ac6060f0f56e2873b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8895fcf1b7b8617a9edd14174889ef3bcdc3cb2273aa059284fe79885e50f4d6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8d7600604cb30e42b1511c91d29c886de204d3f46d8c265b9c35b0960ccf8195
910203de6c08fca08981d79adc040827b3b166b9d43599dece7e5b53ff44654f
917558021675c8b39c6a2e6eabeac00558ecdf7c2c3f7c0cb9ded7fc3a45dddc
920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d
99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9aab9a81ed9cdb217eefe585e153cc2f64ea8792d5adf9060538a9b0b44ce4f
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba16a08e6b944165271454c9adcebf4d1117a1f74fd8fb97929f11bacd074b40
bfe1482f47bf07860834eef43c6866f82dae52bb5c0e4ab54fdf2b8800cfa478
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
c243aee6a5743606b58c6a3bfbda9e69c34c391e6aff946fcf1f3e385513fefd
c53cb61e2947d208c306c8680d407115d7663d1920ef125ecdb1ffa417f22fcc
c76f9f0e3f54033d69ad83503075da0bdb311300e61f08334ab94c3e47f8970f
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cbc09dc08a6af94ea912b26dbedb28cbb6a859b6a481a2cbc5a8fa65999e3488
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d40e2b8b953f7c7e3cb23e8646c4b8f15a4a94fa354288d9bb31546478eb1e15
d5b0a79c59cefa6d40a282491989f651a5e185c6aa72bafc675cdd37aa583159
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
dd4bc601b2d6cdd261ca5f70037aaefd1766fee638771a12fb8aeb1854e3d76b
e11bbd11773f08bb29f514237c629fd67d8a05ee19be980c0973dc09674deec1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f18603569ccd052775409baed22faf7d0577c3577e812822e1d31f580545fefa
f729aa0990fac5800957361e16e26df552f0332b142c509cb9d170c37c195c90
f8806b8ef2df0ecf4444f18ff0dc4726abddab2952fd08201ce5781af445f20b
fa154aae30700d792a088ec67e9e94878f0947772590d3dd49bb69dcdb1fc3d3
fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26
fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

lookbook.nu Open in urlscan Pro 2606:4700:3034::6815:48a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

93 %HTTPS

60 %IPv6

25 Domains

39 Subdomains

36 IPs

4 Countries

2198 kBTransfer

4897 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lookbook.nu Open in urlscan Pro
2606:4700:3034::6815:48a4 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

93 %
HTTPS

60 %
IPv6

25
Domains

39
Subdomains

36
IPs

4
Countries

2198 kB
Transfer

4897 kB
Size

20
Cookies

137 HTTP transactions
4 data transactions