www.esinonime.com Open in urlscan Pro
69.167.137.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.esinonime.com/sinonim/rezistent.php
Submission: On October 10 via api (October 10th 2023, 4:06:17 am UTC) from US — Scanned from DE

Summary HTTP 205 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 42 domains to perform 205 HTTP transactions. The main IP is 69.167.137.97, located in United States and belongs to LIQUIDWEB, US. The main domain is www.esinonime.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 2nd 2023. Valid for: 3 months.

This is the only time www.esinonime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	69.167.137.97 69.167.137.97	32244 (LIQUIDWEB) (LIQUIDWEB)
18	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:21:... 2606:4700:21::681b:cc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	144.217.66.206 144.217.66.206	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:b800:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	51.79.72.196 51.79.72.196	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	54.171.14.223 54.171.14.223	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4 18	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1 5	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	213.227.153.222 213.227.153.222	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
23	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	54.204.93.234 54.204.93.234	14618 (AMAZON-AES) (AMAZON-AES)
1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
1	2600:9000:211... 2600:9000:211e:6e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.154.93 35.214.154.93	15169 (GOOGLE) (GOOGLE)
1 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2 2	3.73.105.217 3.73.105.217	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
205	49

14 69.167.137.97 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host.linkrapid.com

www.esinonime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:21::681b:cc59 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.217.66.206 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns535844.ip-144-217-66.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:b800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.79.72.196 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns567732.ip-51-79-72.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Weil am Rhein, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.93.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-93-234.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.154.93 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.154.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.105.217 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-105-217.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 pubads.g.doubleclick.net — Cisco Umbrella Rank: 412 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	247 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	341 KB
21	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 24979 analytics.vdo.ai — Cisco Umbrella Rank: 23387 targeting.vdo.ai — Cisco Umbrella Rank: 26867 h5.vdo.ai — Cisco Umbrella Rank: 35092	1 MB
14	esinonime.com 1 redirects www.esinonime.com	38 KB
12	demand.supply live.demand.supply — Cisco Umbrella Rank: 48122 api.demand.supply — Cisco Umbrella Rank: 91159	34 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900028.redintelligence.net — Cisco Umbrella Rank: 305585	23 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	393 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	30 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	2 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 51750	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	7 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 498 fonts.googleapis.com — Cisco Umbrella Rank: 49	357 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6147	622 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 913	489 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	1 KB
2	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416	1 KB
2	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20426 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 26761	250 B
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2100	13 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223 Failed	118 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	68 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	7 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50844	610 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 952	711 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	541 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1165	412 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 893	237 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1111	401 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536	549 B
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2761	15 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	17 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	606 B
205	42

	Domain	Requested by
22	pubads.g.doubleclick.net	imasdk.googleapis.com
18	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net www.esinonime.com a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
18	pagead2.googlesyndication.com	www.esinonime.com pagead2.googlesyndication.com imasdk.googleapis.com a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
14	www.esinonime.com	1 redirects www.esinonime.com
11	live.demand.supply	www.esinonime.com live.demand.supply
10	tpc.googlesyndication.com	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	analytics.vdo.ai	a.vdo.ai
7	h5.vdo.ai	www.esinonime.com a.vdo.ai
7	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net www.esinonime.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
5	hal900028.redintelligence.net	1 redirects a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com hal900028.redintelligence.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	a.vdo.ai	www.esinonime.com a.vdo.ai
5	www.googletagmanager.com	www.esinonime.com www.googletagmanager.com a.vdo.ai
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	www.esinonime.com a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com tpc.googlesyndication.com
3	pv.medialead.de	hal900028.redintelligence.net
3	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.de	www.esinonime.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
2	csi.gstatic.com	imasdk.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	onetag-sys.com	1 redirects a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
2	dsp.adfarm1.adition.com	2 redirects
2	px.ads.linkedin.com	2 redirects
2	widgets.outbrain.com	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
2	hal9000.redintelligence.net	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com hal900028.redintelligence.net
2	www.googletagservices.com	securepubads.g.doubleclick.net a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.youtube.com	a.vdo.ai www.youtube.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	cdnjs.cloudflare.com	www.esinonime.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	fonts.googleapis.com	hal900028.redintelligence.net
1	b1-eudc1.zemanta.com	www.esinonime.com
1	csync.loopme.me	1 redirects
1	s.ad.smaato.net	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
1	sync.go.sonobi.com	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	zem.outbrainimg.com	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
1	b1t-eudc1.zemanta.com	a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
1	mug.criteo.com	www.esinonime.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	s0.2mdn.net	imasdk.googleapis.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	api.demand.supply	live.demand.supply
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	targeting.vdo.ai	a.vdo.ai
205	62

This site contains links to these domains. Also see Links.

Domain
vdo.ai
www.qdictionar.com
www.scritub.com
www.rasfoiesc.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
esinonime.com cPanel, Inc. Certification Authority	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
vdo.ai E1	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2023-08-28` - `2024-09-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.esinonime.com/sinonim/rezistent.php
Frame ID: 066E51E3DBB6231B2E259D84BFB14D0C
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 3BC1130930C5EA1AAB1580C14E699637
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&adk=1812271804&adf=3025194257&lmt=1696903569&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768928&bpp=11&bdt=400&idt=309&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1211505324062&frm=20&pv=2&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 59AF76AAB20D80BB5CB9DDE8948D6BE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=280&slotname=6827685460&adk=4263746603&adf=3284178370&pi=t.ma~as.6827685460&w=974&fwrn=4&fwrnh=100&lmt=1696903569&rafmt=1&format=974x280&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768939&bpp=3&bdt=411&idt=333&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L0x8tbsXyF&p=https%3A//www.esinonime.com&dtd=342
Frame ID: D92A13F76B47E19C12CAEF89D3BEC8D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=175&slotname=8330670526&adk=1513661441&adf=3971004683&pi=t.ma~as.8330670526&w=700&fwrn=4&lmt=1696903569&rafmt=11&format=700x175&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768942&bpp=2&bdt=413&idt=343&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C974x280&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=59KDzXDOXd&p=https%3A//www.esinonime.com&dtd=351
Frame ID: 9001B97608D99953066D0E67B530C154
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=250&slotname=1601896056&adk=218572105&adf=1320837066&pi=t.ma~as.1601896056&w=305&fwrn=4&fwrnh=100&lmt=1696903569&rafmt=1&format=305x250&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768946&bpp=1&bdt=418&idt=362&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C974x280%2C700x175&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=zMGJznnY2O&p=https%3A//www.esinonime.com&dtd=366
Frame ID: ED9F3D07E25D16FEDC0AE5DA3379A5CE
Requests: 1 HTTP requests in this frame

Frame: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2901B0619B6D767A9CF151B3E0875D9E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html
Frame ID: 2093F79255F70F703ABDDA311016898F
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 68A51CA27A8F9C011176A0D32784FC93
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.esinonime.com
Frame ID: E3C09B60A53E718C2487BEDA4D505CA3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-ypbvzFHl5XHtYKm0dAKvN8tsS4w8HyrYNv9XOPQ9LFqsnVFLD-b_e1z4PAgy3XF0thGmuqK8cCo2fgEk8jeEhVmBoecNoIjgd4g8FLAUxVuKOs_s8wSnm0nqYg0Z6YkmFQAN_COui9CRhweMsyKLCIOr2zKtu78IqSL5q82E0cFtgezuBSqbis0EtEy6f4hktdvVfdbGGtw-BD4N7puVjJKtPjlVG4DuiFkBGKrovrcXUt-f4xTVK2yzkpWfxHiPPuWR-y20sEJqtmLLdNNd9QuqFKFi7TZKn4IY22whI8szlt-NdNxlRlv3gW5sE3qpf5Zlr8zXPU_wTYg1cHnLDsp3dr-mRc92za_b57xOwMPcU17jkd6dnfRLDI2VvF_yGClK8KwhKAhkCR46aQ&sai=AMfl-YRyRmzJTWnzgJGDqxmdI4ffQFwWmY6gGCjj02GbCwIB1KTNVwEdcbhZvRulZS7iH1WIBN6FGNNz_aP6J9ODv2WHxVNkbx8I4WKvCbfpISBPlIkD-aZnvetdWoMfSw&sig=Cg0ArKJSzKGOe9UbGaZOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D0C1AE2EC95FCBB2F8C26030859F1F0
Requests: 2 HTTP requests in this frame

Frame: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D797D7FF474ADE96B9849DDF8315ACC
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjVmrvGATAB&v=APEucNWyHVzWl9E2Pip2ry1sXPaCeAqQIIq98uGczNwAc8slXd4pLJctb4ojchNpv3d74OnR5MmUxrUJZF3DxFgSazyBfwfuLvRbuCqiDzdQa5qUI_nK_ymSjV_sNFq19LYzyEyj6YELsTp-gxm-x9v6VzGpSnf1SQwblDPJ4RfcTExpWdEJHvSVXJ7PMFo4jYnFtaEdQ3Yf0YwRqK3jfiQa24jtZlTSYA
Frame ID: B5F646E116A0D39E64F975F9A0D55D54
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_HxgC723-VX-ZJMNmKxrLRVJsVaEGBu-QxRzAQegSD_q3CwQvK46RegQuIVd_AfGn1joo-b5BVmUWMevczHCwwsNpQL4a5VDkR_bhAjHXDJ-fK-abAB6Eq6puQVOWefPrqs9UhJG208NMN60x64mKxNpNVzDIBZnegqAecodyq7iIpepN58HrJFE6-BV3Grk28kjmALO_lse0H0G2nLEvy4erQDNo_jZYNv_xenfQsZSSo35NG-rlBFvURkteHZ3ugHrBAH2T3SVPZNS-BZM8AYHMxLW0hFWYeD4rPPWnqh0e3u71mrrPifPuJR_ddsUWTQZCaxYXMwr3uTECAeBICy21xwKSgYEMyzK0DGi43gvLUG_MgX4Y8X1_wGul0XBbej-qHQomOGfcLBhtpw&sai=AMfl-YTwLifpZKJhFDTQ7zAnB_5ebv08A_vVB-wjvzOPLtUol1lVOsaDsonFx-M6E2GDIpATVFgFl7BMGcUKP-F3DpF_08y07Kh7qmU2kaIFIpJCUBHGSjKW4_G0uTIKag&sig=Cg0ArKJSzNgVXIQwfyCQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CBE8B5FBDBFD7B5F56DC5D97334C701D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0C07226997BE3712A2F32CA762DF9DB1
Requests: 3 HTTP requests in this frame

Frame: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE6C0D630DB55229A59798EFD236376A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1412AFBF8E573980B3F0430F62709C0
Requests: 9 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16484200006708004445000012473028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: FEE02A1425F520E93FD3B63565DDB58D
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33
Frame ID: AECF0CD0CA4580D48C20F0F871D81A54
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
Frame ID: 1CA66047AF911025E11F8453938DA2F2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54F67D6EF414EDE9DD81ABD6BF129534
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B36E96358C1832E593C1D4822A554F26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE559B4C084903F55D153227DD7CFAB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sinonim rezistent, cuvinte sinonime pentru rezistent | eSinonime.com

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

205
Requests

87 %
HTTPS

51 %
IPv6

42
Domains

62
Subdomains

49
IPs

8
Countries

3214 kB
Transfer

8378 kB
Size

42
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://vdo.ai/contact?utm_medium=video&utm_term=esinonime.com&utm_source=vdoai_logo

Search URL Search Domain Scan URL

URL: https://www.qdictionar.com/definitie-dex/rezistent.php
Title: Vezi definiție pentru rezistent

Search URL Search Domain Scan URL

URL: https://www.scritub.com/stiinta/arhitectura-constructii/CAIET-DE-SARCINI-Lucrari-struc42181.php
Title: CAIET DE SARCINI Lucrari structura de rezistenta

Search URL Search Domain Scan URL

URL: https://www.scritub.com/tehnica-mecanica/auto/Rezistenta-la-deraparea-pe-sup22488.php
Title: Rezistenta la deraparea pe suprafata uda

Search URL Search Domain Scan URL

URL: https://www.rasfoiesc.com/educatie/fizica/COROZIUNE-SI-REZISTENTA-LA-COR36.php
Title: Coroziune si rezistenta la coroziune a metalelor si aliajelor

Search URL Search Domain Scan URL

URL: https://www.rasfoiesc.com/educatie/istorie/DINAMICA-REZISTENTEI-PSIHOFIZI81.php
Title: DINAMICA REZISTENTEI PSIHOFIZICE IN ACTIVITATEA MILITARA. MODALITATI DE CRESTERE A REZISTENTEI PSIHOFIZICE A MILITARILOR

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.esinonime.com

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=Recomand%20Dictionarul%20de%20sinonime%20eSinonime.com:%20https://www.esinonime.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.esinonime.com/imagini/cerc-gol.png HTTP 302
https://www.esinonime.com/404NotFound.php

Request Chain 95

https://gum.criteo.com/sid/json?origin=publishertagids&domain=esinonime.com&sn=ChromeSyncframe&so=0&topUrl=www.esinonime.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AjL0qHxKZ3F3cUFQVHJSNWljNWpnUE40a1QyVG1MK2NnUFNJMzl5aFAwUG9QL0FuRzN2T0E5c29wOUpSOFQ0eXo0QTBCcS9mTGlsT0ZwTlFnbU95Q2JKcForMjZway9jemhlWVBPZGd1SU1ZdkhYL1JIdHZiQVVYcXhmN2VDWGMrYVFJOEdUeG94UjVpSDROeUR4U3BqUVQzZGM0a3k2SzBGR2hGcDNIcmNRcndCMWFpQXJqRE4xK2tCRzZIZWVNYmtLbkxBWmZZZDBMK2ZadU5BUVd3b0srR0ZpWGFnSS9hRmdUeGRDdU84UWVUWXAzTnBaYm1ZeXlCV3MyR3BwZWZoTERmWklBazN0MW0zZWozeHFRRXRsQTFiWVh3eEZtVi8vUWFMT0EvU3N2Y0JTOD18&cppv=2

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSTNsz-K6cENgPJ89edsyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJOX7oieOXbWEB49ZIRApPE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOX7oieOXbWEB49ZIRApPE%26google_cver%3D1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODYzMTQ2OTQ1MjM3MzM1Mw%3D%3D

Request Chain 118

https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.esinonime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.esinonime.com&random=1603155566798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.esinonime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.esinonime.com&random=1603155566798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 138

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBdS9nVCudM071TUuy-u7JA&google_cver=1&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNaGffo9fxOYEZl3xhOBd9yUI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNaGffo9fxOYEZl3xhOBd9yUI

Request Chain 139

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOt7RcL3JBTW_HkR13lmDZ4&google_cver=1&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXlZ5l42q3rv0XOI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXlZ5l42q3rv0XOI

Request Chain 140

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIjLP2zI-2T_pUAQt1BNhSE&google_cver=1&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSVpRghilqpnWIdRbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSVpRghilqpnWIdRbIQ

Request Chain 141

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENMwwr7FxkB305pWHdrKESo&google_cver=1&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlmbQCuAjkpwhkkU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=nWF_AKgiVIZ9IoOwInVnBtly14Q&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlmbQCuAjkpwhkkU

Request Chain 144

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECK71RtK_lNykhmzMDQ7s9A&google_cver=1&google_push=AXcoOmT57_vL0PK-cV8uMoQzmd_dpNTDuc9CeXl1XRzxWbygjUSGBZhtd00gFsByKXCwlDl7fbe59T00DmkANCZu30VggopCZ3t7 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51b012b2-4a39-4924-a972-7a6daaef0fa9&google_cver=1&google_gid=CAESECK71RtK_lNykhmzMDQ7s9A&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT57_vL0PK-cV8uMoQzmd_dpNTDuc9CeXl1XRzxWbygjUSGBZhtd00gFsByKXCwlDl7fbe59T00DmkANCZu30VggopCZ3t7&gdpr=${GDPR}

Request Chain 149

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33

Request Chain 155

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_heytgGSLlGP9qnNYZMtgpcIDgz9jk19b6z308-poxeMHcdIRp5px-U HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_heytgGSLlGP9qnNYZMtgpcIDgz9jk19b6z308-poxeMHcdIRp5px-U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ym5keE1QS20xUVE0MEE1&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_heytgGSLlGP9qnNYZMtgpcIDgz9jk19b6z308-poxeMHcdIRp5px-U

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOZP3o86cBym2sXnYXmVXRk&google_cver=1&google_push=AXcoOmR6wG_z4ztsnVanWyLttoKvp0GWzDLy-mAdzZyKLkMzk0exgkhYWmmmVK-H7oB4VQMSsglB0N6UgxrFbiypiZMtLZO8dbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOZP3o86cBym2sXnYXmVXRk&google_push=AXcoOmR6wG_z4ztsnVanWyLttoKvp0GWzDLy-mAdzZyKLkMzk0exgkhYWmmmVK-H7oB4VQMSsglB0N6UgxrFbiypiZMtLZO8dbA

Request Chain 157

https://um.simpli.fi/gp_match?google_gid=CAESEIV9J_M-dupgfs1Uc-ZJkqI&google_cver=1&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4CcymQeH-8BrxAJ9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE932A23B67F4716A949249AFD62EB03&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4CcymQeH-8BrxAJ9

Request Chain 158

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBdS9nVCudM071TUuy-u7JA&google_cver=1&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G8DbsYdneoL87PX9V7vuIeIN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G8DbsYdneoL87PX9V7vuIeIN

Request Chain 159

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBJ-lSPCFWnHWnHaRT0OmNk&google_cver=1&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYwPwLUlfkJq5PYFdw0d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYwPwLUlfkJq5PYFdw0d&google_hm=LQ4b93g7QnWQ4OtM_-jj14Q

Request Chain 160

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOt7RcL3JBTW_HkR13lmDZ4&google_cver=1&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY7Uf0CUaW5bqZzr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY7Uf0CUaW5bqZzr

Request Chain 161

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIUC3dJyLy5HJrVAt88YnNw&google_cver=1&google_push=AXcoOmRA1W0v0J5r_qjfSGJWz2QhkjTBVuqn4DCCSFLORQnt-NEV9-yqYHmcrTGamnoA5kD-Nf-_6v375yegtLTbmrdFttlCkNGyRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRA1W0v0J5r_qjfSGJWz2QhkjTBVuqn4DCCSFLORQnt-NEV9-yqYHmcrTGamnoA5kD-Nf-_6v375yegtLTbmrdFttlCkNGyRw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

205 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rezistent.php Show response
www.esinonime.com/sinonim/ 170 KB
16 KB 2057ms
752ms Document
text/html 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 1beebb44a9b9ca8782f44dc194c79b6cb9bd0becc10d3dedece9a7b332eea32a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600
content-encoding: gzip
content-length: 15798
content-type: text/html
date: Tue, 10 Oct 2023 04:06:07 GMT
expires: Tue, 10 Oct 2023 04:16:07 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
vary: Accept-Encoding,User-Agent

GET
H2 200 style.css
www.esinonime.com/ 30 KB
3 KB 127ms
127ms Stylesheet
text/css 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.esinonime.com/style.css
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: d9bbff07154665c2118d30aceba129ece1336e71a0c0f517d4d7e15dd97c010a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 11:20:14 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "ceccaf-763b-5f99a7dc78816-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3223
expires: Thu, 09 Nov 2023 04:06:08 GMT

GET
H2 200 logo.gif
www.esinonime.com/imagini/ 1 KB
1 KB 126ms
126ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/logo.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 2921c039a05d2f6b4d502e6f6300ff5147312da6e94ecc45b9e43e40a4af4c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Fri, 03 Jul 2020 10:47:24 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "ceccaa-4c0-5a98740138b7f"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1216
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 lupa.gif
www.esinonime.com/imagini/ 356 B
434 B 136ms
127ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/lupa.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 20a349c37e70d87c740338bee2e1e219453bffd161798a614641b7bccb25554c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Fri, 03 Jul 2020 11:43:27 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "ceccb1-164-5a9880886dbce"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 356
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 115ms
47ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9275404951669525

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dd14c5a67d3663892dd61ae4395d5e00b05219511e3aac17f74e3d43cb8f4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Origin: https://www.esinonime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51038
x-xss-protection: 0
server: cafe
etag: 8816314380564590960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:08 GMT

GET
H2 200 patratel.gif
www.esinonime.com/imagini/ 58 B
134 B 143ms
134ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/patratel.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: fdb291f34e2d70b88e0b13d28f7cd702dac10cddab322bd3f867e4cbae08b9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Tue, 18 Apr 2023 11:43:59 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cecceb-3a-5f99ad2b73d30"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 58
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 patratel-gri.gif
www.esinonime.com/imagini/ 78 B
154 B 142ms
133ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/patratel-gri.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 49d3c8b90d59d1d0e7a5fcf3fcfe3d3cb79a4d945f41c729e4b42566f30156b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Tue, 18 Apr 2023 11:43:58 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cecd37-4e-5f99ad2abe306"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 78
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 336ms
259ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29d929cc30390f2ae6509ce09a6394f54fc83e55e6acc422b74fea6e228fc96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HAAPFKXS6C0TWVX10X7HF12W
date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 701
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 813bfd30a99f2bd9-FRA
link: <https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmVzaW5vbmltZS5jb20v>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 pix.gif
www.esinonime.com/imagini/ 327 B
405 B 139ms
130ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/pix.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 3b32b9d188c8ebacf9786b143fabc91ee396155e970bf8f9afe5a818f3300a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Tue, 21 Jul 2020 09:48:05 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cee409-147-5aaf0851430fc"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 327
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 alternative.gif
www.esinonime.com/imagini/ 2 KB
2 KB 137ms
128ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/alternative.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 5f18a599fd3cf068f2df9fb364ba2057724fea81bd2a95288f0c9dcec8835c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Tue, 28 Jul 2020 08:08:15 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cee40c-65b-5ab7bf0f02d41"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1627
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 facebook.PNG
www.esinonime.com/imagini/ 898 B
983 B 137ms
128ms Image
image/png 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/facebook.PNG
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 8b6723c3b6d791ea63bccc64243e4f75dce189ba494ab259b4ed9af0eaa9de51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Fri, 14 Aug 2020 07:08:33 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cee42c-382-5acd116be4089"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 898
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 whatsapp.PNG
www.esinonime.com/imagini/ 2 KB
2 KB 137ms
133ms Image
image/png 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/whatsapp.PNG
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 2d215a946e00260ddb8bfe06d632ad6d63b1e72a44e6e4a9f83c70e0718fd523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Fri, 14 Aug 2020 05:42:13 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "ce3b8a-859-5accfe20686ea"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2137
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 twitter.PNG
www.esinonime.com/imagini/ 1 KB
2 KB 137ms
133ms Image
image/png 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/twitter.PNG
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: a80a9e480e5fa60068b4959f319b7929f0bc67f51f8e5aba2ec67451d07c923a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/sinonim/rezistent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Fri, 14 Aug 2020 05:42:14 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cee42b-5eb-5accfe2118356"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1515
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 106ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175562270-1

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

073198cdcfe7323e68533e66c303d38e1d5bb4b1a6c1d244f760b353c39dff8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69060
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 04:06:08 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 90ms
35ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1134592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra%2FKJz7JkmiQtPJDwaJW11EKPScbXtRccxMVdSC%2F%2FQ3zOhg8b2MmU9p1PN6Yr8MUPTO79BbouCNL%2FIsHYjnPjYqbEt0%2Bh8irYw1fRjQlx49cobb2UlO8dQjIX6fXT0swcVUuSr3WaXxenz926yyPTTaG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 813bfd308b3a65df-FRA
expires: Sun, 29 Sep 2024 04:06:08 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 66ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 384330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdRCbJ4GR9AoY%2FiZhuEveYmSmDiXvEuxx4oHRn9B0xlGPk7Z0AJYtsmLpCV0GJgjZ7JrezJYU3vjxYGuGE5ei2P29a81GVY5JlHecw39xI0KHVBeucBm4894fOoa8NbehIGbmNvI1Gw3bwJZztLtCrqj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 813bfd308b3d65df-FRA
expires: Sun, 29 Sep 2024 04:06:08 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-esinonime/ 23 KB
6 KB 519ms
447ms Script
text/javascript 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15d92f5a40ea24c4fe8bcdb31c99a8576b32410a702e20d3e55cac8b3c219fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Oct 2023 03:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript;charset=UTF-8
vdo-server: Tag1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JTb%2B7DBN7B9qaG1N%2FPJJrONOkqUhAJWpJXa0TZae01hHhWeo0vpV2xVaStCCK3%2Fap1ATTf7C1F0tqTblkTTSw3Z8RigwwPW0IEWXzW0hj6NId98rwA9pVpv6XVvbfi02FudD20G"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 813bfd30dae93684-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 backround-top.gif
www.esinonime.com/imagini/ 61 B
137 B 136ms
136ms Image
image/gif 69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/imagini/backround-top.gif
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: a60829244bb117de9e3d7910a2f23ea19ad47ee70938fa086b6a7fbae64522e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
last-modified: Mon, 06 Jul 2020 09:54:49 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
etag: "cecce0-3d-5a9c2dd9061b8"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61
expires: Wed, 09 Oct 2024 04:06:08 GMT

GET
H2

200

404NotFound.php
www.esinonime.com/
Redirect Chain

https://www.esinonime.com/imagini/cerc-gol.png
https://www.esinonime.com/404NotFound.php

11 KB
11 KB

276ms
275ms

Image
text/html

69.167.137.97
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.esinonime.com/404NotFound.php
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/style.css
Protocol: H2
Server: 69.167.137.97 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.linkrapid.com
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:08 GMT
content-encoding: gzip
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
vary: Accept-Encoding,User-Agent
content-type: text/html
cache-control: max-age=600
content-length: 2438
expires: Tue, 10 Oct 2023 04:16:08 GMT

Redirect headers

location: https://www.esinonime.com/404NotFound.php
date: Tue, 10 Oct 2023 04:06:08 GMT
cache-control: max-age=600
expires: Tue, 10 Oct 2023 04:16:08 GMT
server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
content-length: 225
content-type: text/html; charset=iso-8859-1

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 197ms
82ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9275404951669525&plah=www.esinonime.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9275404951669525

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5618563a254853be0bcefda48fa58c597b06af827a58e94a3b35cf0d5c351550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135179
x-xss-protection: 0
server: cafe
etag: 8289570483167676089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 3BC1 10 KB
5 KB 86ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9275404951669525

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.v17.15.0.js Show response
live.demand.supply/ 82 KB
27 KB 111ms
110ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.15.0.js
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HAANKZ94E4GT7BEZGRJJD566
date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 2187944
cf-polished: origSize=84620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 813bfd327b0e2bd9-FRA

GET
H2 200 d3d3LmVzaW5vbmltZS5jb20v Show response
live.demand.supply/p4/v17-10-0/ 156 B
240 B 92ms
92ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmVzaW5vbmltZS5jb20v
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 813bfd327b0f2bd9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F6XDW6WXFS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175562270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e1fc8ddfce267472d52959d1ac4e31edbef7b792cb3353bdeb15b7b2a7430f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 04:06:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 332ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175562270-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 03:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Oct 2023 05:51:33 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
494 B 118ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=464&cs=c&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HASWEGRHPMSB2MYP3J26JW24
date: Tue, 10 Oct 2023 04:06:09 GMT
cf-cache-status: HIT
age: 1633938
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 813bfd331ee737c6-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 358ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f27b59a967bf744e274fdee878cd8ea27f575418f2dc76bada7909ff8ae51bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29862
x-xss-protection: 0
server: cafe
etag: 44 / 19640 / m202310050101 / config-hash: 3619239551914878840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:09 GMT

GET
H2 200 d3d3LmVzaW5vbmltZS5jb20vc2lub25pbS9yZXppc3RlbnQucGhw Show response
live.demand.supply/p4/v17-10-0/ 156 B
146 B 72ms
71ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmVzaW5vbmltZS5jb20vc2lub25pbS9yZXppc3RlbnQucGhw
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 813bfd329b222bd9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
620 B 317ms
30ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBF2M41APEAR3H76PVDFTY4B
date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 935327
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 813bfd346e0e0482-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 42ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8af3ed2b805f7d328bd48d358c33f4e1ee7fb84386146872332482b09d6b9927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 04:06:09 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 345ms
104ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:09 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 7 KB
2 KB 172ms
38ms XHR
application/json 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=esinonime.com%2Fsinonim%2Frezistent.php&tag=v-esinonime&domain=esinonime.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86dcb410df8e56ffc5be60fbb40221010f36841501d35f3b691a51dbf49675a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPA5p0BXhRYs1MLM6xMNoSff6fVnu%2B1HDYQR46v6zie4TDeNjkBcsU9mX17IDbp8eO0YhUbfjwnvWVMl6YbpQfLalD%2BEVYhfZsaA7WyHemqr3SX6LkOe2ta6K%2FrQcyBMZCYmuKT2DyPunKSfoTQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
cf-ray: 813bfd348f1dbb38-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 134ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.esinonime.com&callback=_gfp_s_&client=ca-pub-9275404951669525

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9275404951669525&plah=www.esinonime.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff50b858275e5772c70c6dd295e7a641b86783a7768657407f5572bef63f9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 59AF 11 KB
5 KB 205ms
167ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&adk=1812271804&adf=3025194257&lmt=1696903569&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768928&bpp=11&bdt=400&idt=309&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1211505324062&frm=20&pv=2&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed726167178038cce7e96003b125907e20f3ab8a0486b8c05ab11e3475452c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:09 GMT
expires: Tue, 10 Oct 2023 04:06:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D92A 722 B
582 B 185ms
147ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=280&slotname=6827685460&adk=4263746603&adf=3284178370&pi=t.ma~as.6827685460&w=974&fwrn=4&fwrnh=100&lmt=1696903569&rafmt=1&format=974x280&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768939&bpp=3&bdt=411&idt=333&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L0x8tbsXyF&p=https%3A//www.esinonime.com&dtd=342

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15014179dd2e56de46c386b0768619ad2a65b90490e9ab129296b90608fec652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:09 GMT
expires: Tue, 10 Oct 2023 04:06:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9001 722 B
532 B 209ms
176ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=175&slotname=8330670526&adk=1513661441&adf=3971004683&pi=t.ma~as.8330670526&w=700&fwrn=4&lmt=1696903569&rafmt=11&format=700x175&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768942&bpp=2&bdt=413&idt=343&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C974x280&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=59KDzXDOXd&p=https%3A//www.esinonime.com&dtd=351

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7536df061cf30df1015b80508ee45759474edac7f2a3547462bd79c7f9e0cc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:09 GMT
expires: Tue, 10 Oct 2023 04:06:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED9F 722 B
531 B 179ms
159ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9275404951669525&output=html&h=250&slotname=1601896056&adk=218572105&adf=1320837066&pi=t.ma~as.1601896056&w=305&fwrn=4&fwrnh=100&lmt=1696903569&rafmt=1&format=305x250&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696910768946&bpp=1&bdt=418&idt=362&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C974x280%2C700x175&nras=1&correlator=1211505324062&frm=20&pv=1&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078363%2C44804783%2C44805099%2C44804171&oid=2&pvsid=1604958438083996&tmod=505417562&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=zMGJznnY2O&p=https%3A//www.esinonime.com&dtd=366

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1efd6e9c5beea6f0533f8f48324ed9abbe1f4eece965d0c89a067bdef86c2b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:09 GMT
expires: Tue, 10 Oct 2023 04:06:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 esinonime.com_fluid_lb+sq_es-mid-desk2 Show response
live.demand.supply/cp/ 30 B
373 B 177ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/esinonime.com_fluid_lb+sq_es-mid-desk2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2de6231033512e6b72110fcd728f0b173efd3045350b710890bdd68700720ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 813bfd348e310482-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
482 B 30ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01H9SKG0DEEK04QS1B30RK8J7J
date: Tue, 10 Oct 2023 04:06:09 GMT
cf-cache-status: HIT
age: 1966079
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 813bfd34ae490482-FRA

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-8J9SC9WB3T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6XDW6WXFS&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7be92539464a6156283e6096f11b5a6a282a2f8b4ba719f218160d7ff8d99a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 04:06:09 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 93ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-F6XDW6WXFS&gtm=45je3a40&_p=51738394&_gaz=1&cid=322046335.1696910769&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1696910769&sct=1&seg=0&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6XDW6WXFS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 105ms
31ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F6XDW6WXFS&cid=322046335.1696910769&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6XDW6WXFS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
37ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6XDW6WXFS&cid=322046335.1696910769&gtm=45je3a40&aip=1&z=276556952

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-46&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f349ca91659f1a8711425a67900936d1f4cece42f85bca64ff0f5644ad0dd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64860
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 04:06:09 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 38ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8J9SC9WB3T&gtm=45je3a40&_p=51738394&_gaz=1&cid=322046335.1696910769&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696910769&sct=1&seg=0&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&en=loaded&_fv=1&_ss=1&_ee=1&ep.event_category=vdoaijs&ep.event_label=v-esinonime
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 49ms
32ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8J9SC9WB3T&cid=322046335.1696910769&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 416 KB
127 KB 48ms
43ms Script
application/javascript 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e5e6e187a84894c11ec5605afc7386d809a6a3509e45b591ac8bcfc0264927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 09 Oct 2023 08:49:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn23%2B32WiXIYmgRrCxKI87Z5EQbe%2BB7O3mwdp6DvIrOT8q8G5zpNLkbdthZLTwG%2FIXhIEIxdc8ywLzuabDQlycHcxGfBk27%2FLfzlwV5ZzreoIRHJdEYYAT4myKClv99Y6j62%2FFe%2B"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 813bfd355e813684-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
123 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-esinonime/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbedf98764f527a4a37eca854dba94d53a755825d1f28d87eedfced4f069b8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125855
x-xss-protection: 0
expires: Tue, 10 Oct 2023 04:06:09 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8J9SC9WB3T&cid=322046335.1696910769&gtm=45je3a40&aip=1&z=1173840407

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 30ms
27ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=51738394&t=pageview&_s=1&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ul=en-us&de=UTF-8&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1413131193&gjid=1553281672&cid=322046335.1696910769&tid=UA-175562270-1&_gid=1281095662.1696910770&_r=1&gtm=457e3a40&jsscut=1&z=10971271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ 419 KB
132 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60448
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134450
x-xss-protection: 0
server: cafe
etag: 18225737291834661133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Oct 2024 11:18:41 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 36ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=esinonime.com_fluid_lb%2Bsq_es-mid-desk2&pdc=0.19127578735351564&ucv=null&e=tcp&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01H9S0CPZ6FEESZ2YARZYFFQAW
date: Tue, 10 Oct 2023 04:06:09 GMT
cf-cache-status: HIT
age: 2327562
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 813bfd36c8170482-FRA

GET
H2 200 esinonime.com_fluid_lb+sq_es-mid-desk2 Show response
api.demand.supply/v17-10-0/a/ 363 B
630 B 191ms
175ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v17-10-0/a/esinonime.com_fluid_lb+sq_es-mid-desk2?&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01cbb9b0806f1036ac5456e9585b297b97d1762c729d3d86ab85237342da5a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"16b-9vjG4FrqpbfpZgV6XE3CsFVhVMc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 813bfd36e99837c6-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-175562270-1&cid=322046335.1696910769&jid=1413131193&gjid=1553281672&_gid=1281095662.1696910770&_u=YADAAUAAAAAAACAAI~&z=1661132759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 10 Oct 2023 04:06:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
27ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=51738394&t=pageview&_s=1&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ul=en-us&de=UTF-8&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=20416043&gjid=1116202524&cid=322046335.1696910769&tid=UA-113932176-46&_gid=1281095662.1696910770&_r=1&gtm=457e3a40&jsscut=1&z=1325856486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 105ms
105ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:10 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 vdo.player.8.0.js Show response
a.vdo.ai/core/assets/ 666 KB
186 KB 62ms
62ms Script
application/javascript 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.8.0.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6e29d2d126ebd6c86077886a38276ac9f4db80f5fdbd01fa06c4d6042da20f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 May 2023 13:06:27 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60q3eyE9R5fOOwLKLnXML1LkXbvqHgvfrti810IRZu2%2BHNB3lZjOAK0vBmg0vG7FOlyEE33uFBZ9iecbC4gVkeHBqf75%2Bk%2FDmHzigu82FTPQ018P2rx%2FNq3mQI7xcTeDSfkmEkGG"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 813bfd395d0591d1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v7.45.0.js Show response
a.vdo.ai/core/assets/ 477 KB
145 KB 40ms
40ms Script
application/javascript 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v7.45.0.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d835129c7a6015dad4e367ae9cd3c81ba677d8636d89311ddec29e91d0e0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Sep 2023 10:04:32 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLqbfyeEPgFgyV%2FhYpiuZGwRklsqqPGSSpHkSOoRcP46YxRHAPbIgmGE6t0%2BhdAn%2Fufem4vCWo7YqMdFWuVK2XYR1VjYX7ngn7dYFKdFwmq%2Bq2bwnj2XkLi0LqP62PwIxqkeoqm8"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 813bfd395d0691d1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 84ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-175562270-1&cid=322046335.1696910769&jid=1413131193&_u=YADAAUAAAAAAACAAI~&z=527021890

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-175562270-1&cid=322046335.1696910769&jid=1413131193&_u=YADAAUAAAAAAACAAI~&z=527021890

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 130ms
20ms Script
text/javascript 2600:9000:2250:b800:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Mon, 09 Oct 2023 05:16:05 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 82206
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: FwILPpDLAqKEBf0IJ_2ql5dkVjNclUxRIJS5aGWO6Z6XKq7aGqVbGQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 186ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Oct 2023 04:06:10 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 87ms
24ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:40:33 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 5138
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: HnCmKp2LJxhZclUAOrEkx-OLZI08Ja1Jc8xrKqxbtn7F6KzORmAUMQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 137 KB
30 KB 99ms
36ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:57:30 GMT
server: cloudflare
x-amz-request-id: B7B1GH8RBNS4QA18
age: 2931
etag: W/"cc596ad33b7bfdd4553b44192a81e29f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 813bfd3abc6590ee-FRA
x-amz-id-2: xdfa4ZbwXSLY/fpgkknNoyARhPo6NlLZRfGqoxMXdzMBflLpUPKc27eCOAI5KduTuMszYcSJUVFycU4QSL6DWg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 90ms
30ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1095
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFR59jyTEXfs8xz2NXl2hVl6HFhYY2AGB0cV3x3P8NolAGIOwmeXBVEi8vUNu9B5VXwvI0CjiWvxGwBnmGr9R7f0R75XSFfTdC2eoCuhZgC2yv3hLVGpZVrZ%2FotWijlGSf4Mm9R93bbTWpAparA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 813bfd3abbae3a4a-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 99ms
41ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 0e067f5d7ebf1f370310f269474cbdab
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 369ms
369ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1604958438083996&correlator=3806998364761464&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fif&iu_parts=26001828%3A37592960%2Cz1_dfp_ron_display_companion_b_pre&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50%7C468x60%7C320x100%7C300x100&ifi=6&didk=1850812150&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&abxe=1&dt=1696910770270&adxs=300&adys=568&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&vis=1&psz=570x-1&msz=570x-1&fws=4&ohw=570&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=true&dlt=1696910768528&idt=1706&prev_scp=site%3Desinonime.com&adks=2292865416&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b53015af71d5497bdf8366fbab2ae0a2675a7148955df11e2c8c57a8447615ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12673
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2901 6 KB
3 KB 113ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:10 GMT
expires: Wed, 09 Oct 2024 04:06:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 314ms
314ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1604958438083996&correlator=1959578031653154&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fif&iu_parts=44890869%3A37592960%2Cca-pub-3831894559014614-tag%2C8c6d09ec-7c31-4795-bdcf-79e0bce14454&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x280%7C480x320&ifi=7&didk=2073054010&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&abxe=1&dt=1696910770297&adxs=300&adys=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&vis=1&psz=700x-1&msz=700x-1&fws=4&ohw=700&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcY2YCOvrExSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRjZgI6-sTFIAFICCGQSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNmAjr6xMUgAUgIIZA..&dlt=1696910768528&idt=1706&prev_scp=ti%3D00eb517e-6649-4642-af39-b139b7952260%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26bsc%3D79&adks=1608132939&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

878b9cbdecbea68bab6a18fc24ee12ce4be93ee83d13df40d38b897343ac1443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12199
x-xss-protection: 0
google-lineitem-id: 5564063177
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 88ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10caf1e1bbca262b1a00dce458a9bd87a3889645f4e81bc32154b78e007e3d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 10 Oct 2023 04:06:10 GMT

GET
H2 200 16599447384462f0bf220db4e.png
h5.vdo.ai/media_file/v-esinonime/source/uploads/thumbnails/ 63 KB
63 KB 464ms
223ms Image
image/png 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/thumbnails/16599447384462f0bf220db4e.png
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 49609631a3323b2840b5e02ff4098ffcfef08c9d02eae3982b31f6ab42e6c2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
last-modified: Mon, 08 Aug 2022 07:45:43 GMT
server: openresty/1.21.4.1
etag: "62f0bf27-fa61"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64097
expires: Wed, 09 Oct 2024 04:06:10 GMT

OPTIONS
H2 204 16599447384462f0bf220db4e.m3u8
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ Frame 0
0 344ms
113ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.m3u8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.esinonime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 10 Oct 2023 04:06:10 GMT
expires: Wed, 09 Oct 2024 04:06:10 GMT
server: openresty/1.21.4.1

GET
H2 200 16599447384462f0bf220db4e.m3u8 Show response
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ 48 KB
8 KB 115ms
114ms XHR
application/vnd.apple.mpegurl 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 17b497fb6b31f0f4e4a33e728c43ee6ff5ce5889e5d1906c50fceb3f47d0eca7

Request headers

Referer: https://www.esinonime.com/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 07:48:59 GMT
server: openresty/1.21.4.1
etag: W/"62f0bfeb-bed3"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 09 Oct 2024 04:06:10 GMT

GET
BLOB 200
OK 79ef5861-718e-4410-b306-7648f0a652bf
https://www.esinonime.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.esinonime.com/79ef5861-718e-4410-b306-7648f0a652bf
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ff9c2f177b2e94ae06bc91591814722b2c5c7a316d35b99b8b7301fe083a23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 4972
Content-Type: application/javascript

GET
BLOB 200
OK 8e957c31-f2b4-44fd-bc68-080bce5ea040
https://www.esinonime.com/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.esinonime.com/8e957c31-f2b4-44fd-bc68-080bce5ea040
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57fb69517eb9419e43e0c437f7abc6084740619a4f040d6a84e2ef943e96fa73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 84492
Content-Type: application/javascript

GET
BLOB 200
OK f9007de4-7d04-45ed-a473-b684f1ef36dd
https://www.esinonime.com/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.esinonime.com/f9007de4-7d04-45ed-a473-b684f1ef36dd
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57fb69517eb9419e43e0c437f7abc6084740619a4f040d6a84e2ef943e96fa73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 84492
Content-Type: application/javascript

GET
H2 200 bridge3.594.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2093 724 KB
232 KB 22ms
20ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fc09b457d58e25fde4bb9d5ab8fa314895e9236e9f7ef9b4d9ccc865be8994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237563
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 00:12:51 GMT
expires: Sun, 06 Oct 2024 00:12:51 GMT
last-modified: Sat, 07 Oct 2023 00:05:39 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 88ms
29ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 04:06:10 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 105ms
104ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:10 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 68A5 40 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Oct 2023 04:16:40 GMT

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 33ms
31ms Image
image/svg+xml 2606:4700:21::681b:cc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:21::681b:cc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3SEfi5zQXVu9KAzABO31s7dDAvkRPzvlfD4Xf4tZtFyE0afUZadkJFtlaHY%2FKFQ2zJdhulQTpuizXnA9fQDpwBaDJiRjthgDUR8WbENF3Tl7KNbwz6IjBPnI1J2TyCONqZKRZBA"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 813bfd3c0e2991d1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 115ms
20ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.esinonime.com
date: Tue, 10 Oct 2023 04:06:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4a66ccde/www-widgetapi.vflset/ 212 KB
66 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

512c9862bb588a18908b13177fed2485bac5023c2557d8043fb962fcb9931265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66928
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 09 Oct 2024 04:02:54 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 383ms
45ms XHR
application/json 54.171.14.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 06878279d3f27c064e8972db64da662794e6fb2be0a8d7f1c9534a4b375bb1d3

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache
x-server: 10.45.1.243
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E3C0 15 KB
6 KB 114ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.esinonime.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 286739
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 106ms
106ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:10 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 207ms
104ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:10 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 307ms
104ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 311ms
112ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://www.esinonime.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET view
securepubads.g.doubleclick.net/pcs/ Frame 0D0C 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D0C 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 249ms
248ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1604958438083996&correlator=2241600232496396&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fif&iu_parts=44890869%3A37592960%2Cca-pub-3831894559014614-tag%2C5300da18-cf98-4440-a756-558950757c28&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x280%7C480x320&ifi=8&didk=2073054010&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&abxe=1&dt=1696910770842&adxs=300&adys=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&vis=1&psz=700x-1&msz=700x-1&fws=4&ohw=700&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNmAjr6xMUgAUgIIZA..&dlt=1696910768528&idt=1706&prev_scp=ti%3D00eb517e-6649-4642-af39-b139b7952260%26chrand%3Dy%26pof%3D0%26bid%3D0.13%26bid-p%3Dgoogle%26bsc%3D79&adks=3284803217&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab70ce4594ce24b89bbce01bcb2cb2d2ba1185d8660f7164653a744d886bac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12241
x-xss-protection: 0
google-lineitem-id: 5564062997
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D79 6 KB
3 KB 28ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:10 GMT
expires: Wed, 09 Oct 2024 04:06:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 16599447384462f0bf220db4e.ts
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ Frame 0
0 114ms
113ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.esinonime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 10 Oct 2023 04:06:11 GMT
expires: Wed, 09 Oct 2024 04:06:11 GMT
server: openresty/1.21.4.1

GET
H2 206 16599447384462f0bf220db4e.ts Show response
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ 875 KB
876 KB 245ms
244ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 2d101e192c5c713e41495da9ac9af7bfdb68ebe07cfc051ba33b33dbfca1c4e3

Request headers

Referer: https://www.esinonime.com/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-895819

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
last-modified: Mon, 08 Aug 2022 07:48:59 GMT
server: openresty/1.21.4.1
etag: "62f0bfeb-f36cd04"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 0-895819/255249668
cache-control: max-age=31536000
Content-Length: 895820
expires: Wed, 09 Oct 2024 04:06:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E3C0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=esinonime.com&sn=ChromeSyncframe&so=0&topUrl=www.esinonime.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AjL0qHxKZ3F3cUFQVHJSNWljNWpnUE40a1QyVG1MK2NnUFNJMzl5aFAwUG9QL0FuRzN2T0E5c29wOUpSOFQ0eXo0QTBCcS9mTGlsT0ZwTlFnbU95Q2JKcForMjZway9jemhlWVBPZGd1SU1ZdkhYL1JIdHZiQVVYcXhmN2...

449 B
659 B

100ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AjL0qHxKZ3F3cUFQVHJSNWljNWpnUE40a1QyVG1MK2NnUFNJMzl5aFAwUG9QL0FuRzN2T0E5c29wOUpSOFQ0eXo0QTBCcS9mTGlsT0ZwTlFnbU95Q2JKcForMjZway9jemhlWVBPZGd1SU1ZdkhYL1JIdHZiQVVYcXhmN2VDWGMrYVFJOEdUeG94UjVpSDROeUR4U3BqUVQzZGM0a3k2SzBGR2hGcDNIcmNRcndCMWFpQXJqRE4xK2tCRzZIZWVNYmtLbkxBWmZZZDBMK2ZadU5BUVd3b0srR0ZpWGFnSS9hRmdUeGRDdU84UWVUWXAzTnBaYm1ZeXlCV3MyR3BwZWZoTERmWklBazN0MW0zZWozeHFRRXRsQTFiWVh3eEZtVi8vUWFMT0EvU3N2Y0JTOD18&cppv=2

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7af29b314966755f6800f35e7ca3525662fb40c74b19e84862586bd2ae06ab91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1155893
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AjL0qHxKZ3F3cUFQVHJSNWljNWpnUE40a1QyVG1MK2NnUFNJMzl5aFAwUG9QL0FuRzN2T0E5c29wOUpSOFQ0eXo0QTBCcS9mTGlsT0ZwTlFnbU95Q2JKcForMjZway9jemhlWVBPZGd1SU1ZdkhYL1JIdHZiQVVYcXhmN2VDWGMrYVFJOEdUeG94UjVpSDROeUR4U3BqUVQzZGM0a3k2SzBGR2hGcDNIcmNRcndCMWFpQXJqRE4xK2tCRzZIZWVNYmtLbkxBWmZZZDBMK2ZadU5BUVd3b0srR0ZpWGFnSS9hRmdUeGRDdU84UWVUWXAzTnBaYm1ZeXlCV3MyR3BwZWZoTERmWklBazN0MW0zZWozeHFRRXRsQTFiWVh3eEZtVi8vUWFMT0EvU3N2Y0JTOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 253757
content-length: 0
expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B5F6 624 B
288 B 35ms
34ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjVmrvGATAB&v=APEucNWyHVzWl9E2Pip2ry1sXPaCeAqQIIq98uGczNwAc8slXd4pLJctb4ojchNpv3d74OnR5MmUxrUJZF3DxFgSazyBfwfuLvRbuCqiDzdQa5qUI_nK_ymSjV_sNFq19LYzyEyj6YELsTp-gxm-x9v6VzGpSnf1SQwblDPJ4RfcTExpWdEJHvSVXJ7PMFo4jYnFtaEdQ3Yf0YwRqK3jfiQa24jtZlTSYA

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5D79 89 KB
31 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D79 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXL8KG49n2vCNprR5OQFrCkm18nzylz8egipEjiNJczvinR9Wiyhrmv5F8Vijz9oLALkAm_o43HZXC7dzPW4k1sfMkZBYGK0I2gFqxlF5LQMuYv3U

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D79 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9253889030278206894&x=1&ct=77

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5D79 3 KB
1 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5D79 20 KB
9 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5D79 0
0 28ms
28ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQP8gDyYsjYtik7ia_V6SOYUHzy-3YIW6HlAx4hLpPXXKBKmo1v0rWJ-DP9CYP9CI1TzrLxf3Ul2k0FgJWtkutnf2EnGw
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D79 187 KB
59 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:11 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame CBE8 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBE8 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
18 KB 269ms
268ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1604958438083996&correlator=774327452827447&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fif&iu_parts=44890869%3A37592960%2Cca-pub-3831894559014614-tag%2C2741098b-4d3a-4b04-b64b-6cb8cc5ea35d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x280%7C480x320&ifi=9&didk=2073054010&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&abxe=1&dt=1696910771180&adxs=300&adys=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&vis=1&psz=700x-1&msz=700x-1&fws=4&ohw=700&ga_vid=322046335.1696910769&ga_sid=1696910769&ga_hid=51738394&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&dlt=1696910768528&idt=1706&prev_scp=ti%3D00eb517e-6649-4642-af39-b139b7952260%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D79&adks=2977846049&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104345f7b2c3aff05a26a7aeb976d33689427dd9c62124d5493c6c53c418ad17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17989
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B5F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1

43 B
339 B

39ms
39ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjVmrvGATAB&v=APEucNWyHVzWl9E2Pip2ry1sXPaCeAqQIIq98uGczNwAc8slXd4pLJctb4ojchNpv3d74OnR5MmUxrUJZF3DxFgSazyBfwfuLvRbuCqiDzdQa5qUI_nK_ymSjV_sNFq19LYzyEyj6YELsTp-gxm-x9v6VzGpSnf1SQwblDPJ4RfcTExpWdEJHvSVXJ7PMFo4jYnFtaEdQ3Yf0YwRqK3jfiQa24jtZlTSYA
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZVJUtMPZflaKqgmtvsBo4TjztLKL3mgOzIDW%2BGc%2BadoFpMzzgblVAIlcjwThN7%2FP7G2h1I3fPIIuJmRFHKEppJdObKNe49GdFLH1WsESKn8yOT%2FxK90w2tq3La3zhHvgHnFl3ORi9qPyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813bfd40ad9c9208-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B5F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSTNsz-K6cENgPJ89edsyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1

43 B
770 B

35ms
35ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjVmrvGATAB&v=APEucNWyHVzWl9E2Pip2ry1sXPaCeAqQIIq98uGczNwAc8slXd4pLJctb4ojchNpv3d74OnR5MmUxrUJZF3DxFgSazyBfwfuLvRbuCqiDzdQa5qUI_nK_ymSjV_sNFq19LYzyEyj6YELsTp-gxm-x9v6VzGpSnf1SQwblDPJ4RfcTExpWdEJHvSVXJ7PMFo4jYnFtaEdQ3Yf0YwRqK3jfiQa24jtZlTSYA
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ULvA8RIKrCPufQIx6ELzKN%2Fcmpg0JE3STqoZwlcATRZfgxlybs7BxHKCBX3wXhbva%2FImYiTklRj1BE0TNGr5qFKk9%2BaWxXePHc3b6%2Fd3qnO3OmJmds6NT1ope7plN8LG7WFQ5xCl30hlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813bfd41087c368a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKM-CNnp4ld0vZ5MOL93OW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame B5F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJOX7oieOXbWEB49ZIRApPE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOX7oieOXbWEB49ZIRApPE%26google_cver%3D1

43 B
891 B

30ms
30ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOX7oieOXbWEB49ZIRApPE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjVmrvGATAB&v=APEucNWyHVzWl9E2Pip2ry1sXPaCeAqQIIq98uGczNwAc8slXd4pLJctb4ojchNpv3d74OnR5MmUxrUJZF3DxFgSazyBfwfuLvRbuCqiDzdQa5qUI_nK_ymSjV_sNFq19LYzyEyj6YELsTp-gxm-x9v6VzGpSnf1SQwblDPJ4RfcTExpWdEJHvSVXJ7PMFo4jYnFtaEdQ3Yf0YwRqK3jfiQa24jtZlTSYA

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
an-x-request-uuid: 718769ba-25aa-480f-a98b-d748070467fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
an-x-request-uuid: 7a73281e-4e34-4779-9006-2bf6a3b4a6c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOX7oieOXbWEB49ZIRApPE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5F6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODYzMTQ2OTQ1MjM3MzM1Mw%3D%3D

170 B
243 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODYzMTQ2OTQ1MjM3MzM1Mw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
an-x-request-uuid: 1ddb2be9-9dc2-4305-a497-1283745342b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODYzMTQ2OTQ1MjM3MzM1Mw%3D%3D
x-proxy-origin: 217.114.215.132; 217.114.215.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D79 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8114995747213&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D79 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8114995747213&version=m202309260101&ct=77&x=1&cor=9253889030278207000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5D79 16 KB
12 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4ctV_P5GYM-r7M3KSiGPWErFZlHKWsyP7NYjB7Z1hJUFhaJlsE89i82-W3NbkKU1Crz1kf-Zz9DbjLMO2df4qNt0Y25eh_nHA_9mqYiLsMIyyjEVA-ql13XtLh_qI2zaF_dHmfzkhQjRpRz31imNk8nowmVyaKbvGZTqFBeD_rhF47R8&cry=1&dbm_d=AKAmf-B2o7AkjrCKWSYGT7fYsTpjF0JjKbpTfDrzehScYXFF3hmSSrtyv3PR6U7hZZpsUX846C0sNHY0okRyq-afINDbdOfP5MEaTIztr5NrTcEPT_mRIwL-7-gueckqwDvHuRvv6W4S9QWWjQhfIt3VChfvmDWAVbiB4Oto9pIExeKm6masK4WB-ATMKj2CcwaDRErSynZ-QtQw7RjEEBHWysdgaSd0zV-uUTCfxHAxhcOgZzDFn0iPEglrFBtBpbul8Vc-E__MG-S-fDA42dZYjpuUxkVt94U12vRjSdnSwDUP5Di5ho4iRoILopU2HHMuurNo5REFCldzJ3epJNrS695_cCICutEP2badYwz4xagMiT8UUyp3WQjKdgk1de3BEzUnyXOiDSiwYvvdEQ9ycMWsY2WgnFmgGy6gtqEyQj5Lb_2y1R4mK95lXNeEI9PbGIXI1FMes4haJO-5mg1MQQPhOluxmc7_XFdToH10bORFWbVx9QuDsBpDPNLozJBexiStiprQF5tOnxj8GxRgkN-7Bu_5KwT6kcILWrSGgL4j3u06RPvCWjsesVT_UyEBlJy-Ir_zkjG4FRkw3slPT9U8dzINpUlS4rx2Ys-iJ4c3j4GTK8D1a5TtKF0vxCLJJn4V0CErnIFdqCZlSC5_PsGaszQ3j8ieObLIIkkE7EgwIiF5tgt_Jg4mHPImwzXq09B8J7mQ_tuInZ9xqtvuOmcTv29I8Yw950T2HnOMlw78XnVgYVdHq_oTYCbz25ZIKpkFHD6Ha7eJ-HIBxOLHEvItollnZ4F7F1tMlri-_zfH41ubi1rgY08rY4l4kcRoze7FgVLtGnLhZnSXj5tGhj-jfE_vYrpy5x-NUx1Jnecl_2gZZy9DXym0qONGb5lGespMeepO9u-Q3zx6a_SZx-TvwiQBK_CFzHps38il57el9LFMMltckDKXSO_eSLoanZEfT2YKbBNv469uks3HOBLFO1qEcwKID9UaCSex2RSdr8J_yssOcavvfl-ce33wjalaqtueePbAZaGHkk_8ryyAjdsVHmSOJ1zgyFaCQ4IK1_QAHb5O_jLCPyC224HZ9dKRijqe5NXdVp5sOgkBCLjvCwg54vxoFqVOqLBqr_mOuq_OlReFkdhqz2IZZSfMZhAbT7vYmmeeXMIktEZKTPyHrsFRKF-p8gMD5JS1ac9bU1F-7P1c4IlgSwydRKQL4BdqMvHpT-GXlEGCJvf85OHFj-0rwYUR91NRrXZo01Mgux-x0wqPyDMGDs__xemJzFGL2NL5uheGEdAHRLULPWcm401LAiBgyh6u8QZuAutmv9MNpPzCy707a0GNFBaFAKs5nez4CH0dgDURRQCUoBHpDgZxnXZ3BUlsmsIgpYto9RR3ojS5fTaRBEDMjH7403AKTxSn8AtthT-hhAE7No1v8r7k08yhufW0MFx6MVETgwTmtNZQ7C2AWmvO-Nz080w0FEZzMWhiQEMVBvNMNfGmiNNXlRZzVpJBln7hXd5Zvz5HdRDWDq0igdhWZaYJGz2208GBtYEyXqFIByya0i8goySuVEowiosBNfN3roXwy-MoXYV29ozN7goDdJBdb6CcVlawJo4aJNxwZgxVdnQOp9Vl-FU8nFZF3UgXRaeiYklS_6WuNvLNM7XKLnegAwqIjKQExOTq0eBA8ZB7O1bMEj0u4kqKKFe-7Sh9dEMOg6q89piuV6YA3xZFRUQ490Bha4KUoLFBhoSo0LNaG7Je7RgKOZxnWlORquzC1-Sn_pPDEPIyQHWEAoskA5Rn9uHFp9UGm7gNyVeM6YQ9T1_Mi8L6lrOUF01VxxRYajUh0HRZaRGJxMaUpdrdF0kL_87C5Nwf0z2wRO5_5To-_EDdswpGPLiq3vdZgsT-FSi6sq6S4G754CR8M7kgTxmiMyZkRFLizDvlfAWIPcpI5PtIAZxny02DjlUOs57mICirubIVQv4lC6KTRj52Dbpkg5l7Zwhv-EeluZA7e7oAsJXfPeGMrrNE4a7-9gttHZcju_PLWJbWwpDvjPb3t1R5Mve5TrZEnFspG68o-bs1kaoL1Vy3cd5h-9sobTfZhXQRoVTwTZu6ahFAuQ1n8G9EGCxL6dlgxNGQ-yDvPG6frlaqooNm0cOiJ3oUdfPChhulYm2XynmUYY8iNXELUxfFcSJ5xuJPXZpVNLEmaEqeMmtBNxYyEu1U3Jtxs6qohGxHpK-GO5ay3B6ljmyVJ-pTrmsV_VoKIMZI6LNWPGA6kYM-Sj77QNxLB7THkwB1oOhgJP2hQmZIF2RGtsujJGVJHet5f_i2zPWCYZrTSitIiZGtNni0ZPl7LYl4po9tABIoq7A0Q8VCv5pGHusnt2Ymf-nnw2pcDMju9W2uqxAZ7fPQF1rCEuR3-hMvEH45sFR-5Gk32O6a3F-M_Z1fAXs3jNPYH5hX3Mrk7uAk2JgB7fKj1JLXt_3tFiHCzVwNj-VDrHTyfhHe_7yV7NZ-E_CDlyO-fsg2IsITsGN6usTDe430o7pvQmteI7stmYJxBSTonpTARRSgF9qoK61L_vXohw2McD4p_IgEGDqEgAGBN2S3_l_3Yb_MO6mAcLDvVocAwoCGIuxa5maXOO_6Nc4X1EwFiDE51d8VP_j-OX12HeDmirWTmLzkamJbVivRXDyBCkq_MmX0TOBZ-0gWpRdQgt8poshlJx_NIv-liUFV29P70aplK4gboiW0q-gqe03K0vz5pB_bvTo3vHgc-HUmmcZjr5MpIWKzXfGpS6RywWnOEtavA-uSIRZMEl1GbXRei-icKYwQl6q6nrtZqitU94b3T8iyhMeU2NAo7GUI-_KPAmmIdqCjwPLWCZvkpIn-0lMsVTEiiEY3UrcoCADXgKyi_rh2YWVdCf7HNph0YFt1CG7fTQc0s-NZ8dbrYdeX994U6LAy9I4vEKOUAA8ceCabv3oBWqLqrrIVyYAFCg0a26jYgLgxlVA2EYfpfX-KEFF3eT-IZc4NqPqfPWqyIBzgdFkWR-GRWoiOwtYwRiYMiRJKNMfSB2d2iGxydUrtMM08InRlVGMbnjznYxqToOYZ_V4aFmjJun2qfkt5kGfBJW8B4X6t7ZOI4DLkWzI2QkcTfUaKlNROr2SbLkdLcZ3PHPSkJgIwH-NQc5xdLIeElcTZ_6WUAooa3GF3nkb6Wxqyi6AXeXgB980QtZNm1YGh5vpdCACnzPZKHw-r17pHT-CDUrdwBDT71xT1-xS7orOb_z0YVhqXq_YHkwchO8BRUA_llBsSnhZHMw4viSbKmFO59GrXxbpagURYYbWB5MQNbixIOayvQsRgQu92xlyT6mk2DJOfqBR0OrL_SR4WH6EFZ6EDGFWV4PHgBPV3agT3FnKAoCIx10FPVIPuRrpgU_d5ax5UJVElZ0MOPzuREIb40rMl_DOaaVt9Hbbr0IqrOAjB7EZs4awzmNRBh9L_ryCLz0aETP05Uz1VGvi-w7MWTvmG3wRCrHNfY0T9sfY1c3X_a63XQZy4A0aslFm1lUvn41D8t0q9zRJ_rPtgABvzuPmpNm7yapqs_T5KZYjVkmPAWi7tAL7ofmaj0D3pUov4eH_uogh8r9BwQFHkoqLkPplOAhgcBgCUSLx81S1VMfTds_6ZKxORV1G3_IvL1rUL7l5lcbKXS2dZudXnIGnRyAMmVBMehNF0pXTZ2JdCYFAj_eiC3vTgpdZhMQUIXRle_WIQavtRRVa7DyzDomr9cZhovCqiP2GtITL3Fi3RnxYHpUlaRDAkbIttRYHG7dJNGW3X5bexaS_Gv1dzPNFSYwRaABdqXz3iAQGyzv5zTV0MoMNhwhdIDhOSSszAyBffUlZLfUQPwR-K8oXb9uHM8KxJq9-JqshsoA4lcizlzOQLzR60YtakCyahXfB6pVonjFRs2dJ5TUEiHVmTGvocGPStpe8XCQswPBnVjzse2_rbVdNer_ioEydHhiyueAIYo7DyH4VNzHK3mNyXUg8SRqWHUnbQv_3ecpnSIUWF4uQE34r4My1uQXeGcE8FfaQN8a0YuDLk0UXLTz9S___4ofDM_xYLMg6CIeK0CFdNbVJniVi0Oslvjqo5EdV84OFX&cid=CAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.esinonime.com%2F&ds=l&xdt=1&iif=1&cor=9253889030278207000&adk=3944675600&idt=45&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10291ca635258dd15e8e6db93a836f6a1da95e084996cf2ddeb7ffeae754df9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D79 41 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4ctV_P5GYM-r7M3KSiGPWErFZlHKWsyP7NYjB7Z1hJUFhaJlsE89i82-W3NbkKU1Crz1kf-Zz9DbjLMO2df4qNt0Y25eh_nHA_9mqYiLsMIyyjEVA-ql13XtLh_qI2zaF_dHmfzkhQjRpRz31imNk8nowmVyaKbvGZTqFBeD_rhF47R8&cry=1&dbm_d=AKAmf-B2o7AkjrCKWSYGT7fYsTpjF0JjKbpTfDrzehScYXFF3hmSSrtyv3PR6U7hZZpsUX846C0sNHY0okRyq-afINDbdOfP5MEaTIztr5NrTcEPT_mRIwL-7-gueckqwDvHuRvv6W4S9QWWjQhfIt3VChfvmDWAVbiB4Oto9pIExeKm6masK4WB-ATMKj2CcwaDRErSynZ-QtQw7RjEEBHWysdgaSd0zV-uUTCfxHAxhcOgZzDFn0iPEglrFBtBpbul8Vc-E__MG-S-fDA42dZYjpuUxkVt94U12vRjSdnSwDUP5Di5ho4iRoILopU2HHMuurNo5REFCldzJ3epJNrS695_cCICutEP2badYwz4xagMiT8UUyp3WQjKdgk1de3BEzUnyXOiDSiwYvvdEQ9ycMWsY2WgnFmgGy6gtqEyQj5Lb_2y1R4mK95lXNeEI9PbGIXI1FMes4haJO-5mg1MQQPhOluxmc7_XFdToH10bORFWbVx9QuDsBpDPNLozJBexiStiprQF5tOnxj8GxRgkN-7Bu_5KwT6kcILWrSGgL4j3u06RPvCWjsesVT_UyEBlJy-Ir_zkjG4FRkw3slPT9U8dzINpUlS4rx2Ys-iJ4c3j4GTK8D1a5TtKF0vxCLJJn4V0CErnIFdqCZlSC5_PsGaszQ3j8ieObLIIkkE7EgwIiF5tgt_Jg4mHPImwzXq09B8J7mQ_tuInZ9xqtvuOmcTv29I8Yw950T2HnOMlw78XnVgYVdHq_oTYCbz25ZIKpkFHD6Ha7eJ-HIBxOLHEvItollnZ4F7F1tMlri-_zfH41ubi1rgY08rY4l4kcRoze7FgVLtGnLhZnSXj5tGhj-jfE_vYrpy5x-NUx1Jnecl_2gZZy9DXym0qONGb5lGespMeepO9u-Q3zx6a_SZx-TvwiQBK_CFzHps38il57el9LFMMltckDKXSO_eSLoanZEfT2YKbBNv469uks3HOBLFO1qEcwKID9UaCSex2RSdr8J_yssOcavvfl-ce33wjalaqtueePbAZaGHkk_8ryyAjdsVHmSOJ1zgyFaCQ4IK1_QAHb5O_jLCPyC224HZ9dKRijqe5NXdVp5sOgkBCLjvCwg54vxoFqVOqLBqr_mOuq_OlReFkdhqz2IZZSfMZhAbT7vYmmeeXMIktEZKTPyHrsFRKF-p8gMD5JS1ac9bU1F-7P1c4IlgSwydRKQL4BdqMvHpT-GXlEGCJvf85OHFj-0rwYUR91NRrXZo01Mgux-x0wqPyDMGDs__xemJzFGL2NL5uheGEdAHRLULPWcm401LAiBgyh6u8QZuAutmv9MNpPzCy707a0GNFBaFAKs5nez4CH0dgDURRQCUoBHpDgZxnXZ3BUlsmsIgpYto9RR3ojS5fTaRBEDMjH7403AKTxSn8AtthT-hhAE7No1v8r7k08yhufW0MFx6MVETgwTmtNZQ7C2AWmvO-Nz080w0FEZzMWhiQEMVBvNMNfGmiNNXlRZzVpJBln7hXd5Zvz5HdRDWDq0igdhWZaYJGz2208GBtYEyXqFIByya0i8goySuVEowiosBNfN3roXwy-MoXYV29ozN7goDdJBdb6CcVlawJo4aJNxwZgxVdnQOp9Vl-FU8nFZF3UgXRaeiYklS_6WuNvLNM7XKLnegAwqIjKQExOTq0eBA8ZB7O1bMEj0u4kqKKFe-7Sh9dEMOg6q89piuV6YA3xZFRUQ490Bha4KUoLFBhoSo0LNaG7Je7RgKOZxnWlORquzC1-Sn_pPDEPIyQHWEAoskA5Rn9uHFp9UGm7gNyVeM6YQ9T1_Mi8L6lrOUF01VxxRYajUh0HRZaRGJxMaUpdrdF0kL_87C5Nwf0z2wRO5_5To-_EDdswpGPLiq3vdZgsT-FSi6sq6S4G754CR8M7kgTxmiMyZkRFLizDvlfAWIPcpI5PtIAZxny02DjlUOs57mICirubIVQv4lC6KTRj52Dbpkg5l7Zwhv-EeluZA7e7oAsJXfPeGMrrNE4a7-9gttHZcju_PLWJbWwpDvjPb3t1R5Mve5TrZEnFspG68o-bs1kaoL1Vy3cd5h-9sobTfZhXQRoVTwTZu6ahFAuQ1n8G9EGCxL6dlgxNGQ-yDvPG6frlaqooNm0cOiJ3oUdfPChhulYm2XynmUYY8iNXELUxfFcSJ5xuJPXZpVNLEmaEqeMmtBNxYyEu1U3Jtxs6qohGxHpK-GO5ay3B6ljmyVJ-pTrmsV_VoKIMZI6LNWPGA6kYM-Sj77QNxLB7THkwB1oOhgJP2hQmZIF2RGtsujJGVJHet5f_i2zPWCYZrTSitIiZGtNni0ZPl7LYl4po9tABIoq7A0Q8VCv5pGHusnt2Ymf-nnw2pcDMju9W2uqxAZ7fPQF1rCEuR3-hMvEH45sFR-5Gk32O6a3F-M_Z1fAXs3jNPYH5hX3Mrk7uAk2JgB7fKj1JLXt_3tFiHCzVwNj-VDrHTyfhHe_7yV7NZ-E_CDlyO-fsg2IsITsGN6usTDe430o7pvQmteI7stmYJxBSTonpTARRSgF9qoK61L_vXohw2McD4p_IgEGDqEgAGBN2S3_l_3Yb_MO6mAcLDvVocAwoCGIuxa5maXOO_6Nc4X1EwFiDE51d8VP_j-OX12HeDmirWTmLzkamJbVivRXDyBCkq_MmX0TOBZ-0gWpRdQgt8poshlJx_NIv-liUFV29P70aplK4gboiW0q-gqe03K0vz5pB_bvTo3vHgc-HUmmcZjr5MpIWKzXfGpS6RywWnOEtavA-uSIRZMEl1GbXRei-icKYwQl6q6nrtZqitU94b3T8iyhMeU2NAo7GUI-_KPAmmIdqCjwPLWCZvkpIn-0lMsVTEiiEY3UrcoCADXgKyi_rh2YWVdCf7HNph0YFt1CG7fTQc0s-NZ8dbrYdeX994U6LAy9I4vEKOUAA8ceCabv3oBWqLqrrIVyYAFCg0a26jYgLgxlVA2EYfpfX-KEFF3eT-IZc4NqPqfPWqyIBzgdFkWR-GRWoiOwtYwRiYMiRJKNMfSB2d2iGxydUrtMM08InRlVGMbnjznYxqToOYZ_V4aFmjJun2qfkt5kGfBJW8B4X6t7ZOI4DLkWzI2QkcTfUaKlNROr2SbLkdLcZ3PHPSkJgIwH-NQc5xdLIeElcTZ_6WUAooa3GF3nkb6Wxqyi6AXeXgB980QtZNm1YGh5vpdCACnzPZKHw-r17pHT-CDUrdwBDT71xT1-xS7orOb_z0YVhqXq_YHkwchO8BRUA_llBsSnhZHMw4viSbKmFO59GrXxbpagURYYbWB5MQNbixIOayvQsRgQu92xlyT6mk2DJOfqBR0OrL_SR4WH6EFZ6EDGFWV4PHgBPV3agT3FnKAoCIx10FPVIPuRrpgU_d5ax5UJVElZ0MOPzuREIb40rMl_DOaaVt9Hbbr0IqrOAjB7EZs4awzmNRBh9L_ryCLz0aETP05Uz1VGvi-w7MWTvmG3wRCrHNfY0T9sfY1c3X_a63XQZy4A0aslFm1lUvn41D8t0q9zRJ_rPtgABvzuPmpNm7yapqs_T5KZYjVkmPAWi7tAL7ofmaj0D3pUov4eH_uogh8r9BwQFHkoqLkPplOAhgcBgCUSLx81S1VMfTds_6ZKxORV1G3_IvL1rUL7l5lcbKXS2dZudXnIGnRyAMmVBMehNF0pXTZ2JdCYFAj_eiC3vTgpdZhMQUIXRle_WIQavtRRVa7DyzDomr9cZhovCqiP2GtITL3Fi3RnxYHpUlaRDAkbIttRYHG7dJNGW3X5bexaS_Gv1dzPNFSYwRaABdqXz3iAQGyzv5zTV0MoMNhwhdIDhOSSszAyBffUlZLfUQPwR-K8oXb9uHM8KxJq9-JqshsoA4lcizlzOQLzR60YtakCyahXfB6pVonjFRs2dJ5TUEiHVmTGvocGPStpe8XCQswPBnVjzse2_rbVdNer_ioEydHhiyueAIYo7DyH4VNzHK3mNyXUg8SRqWHUnbQv_3ecpnSIUWF4uQE34r4My1uQXeGcE8FfaQN8a0YuDLk0UXLTz9S___4ofDM_xYLMg6CIeK0CFdNbVJniVi0Oslvjqo5EdV84OFX&cid=CAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.esinonime.com%2F&ds=l&xdt=1&iif=1&cor=9253889030278207000&adk=3944675600&idt=45&cac=0&dtd=29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 448474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK znhqi8lr1f8g Show response
hal9000.redintelligence.net/zone/ Frame 5D79 12 KB
4 KB 103ms
27ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/znhqi8lr1f8g?subid=&gdpr=&gdpr_consent=&rnd=1696910770322670&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e475ae356d975e0b79565cf2539329c7236c71ec21c652087a194218a00058f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 04:06:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4264
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C07 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 443980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C07 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 603581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:26:30 GMT

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 5D79
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

215ms
164ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.esinonime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.esinonime.com&random=1603155566798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: ced6796376726fde380f7703ca44b5a408a510a0195b0db97bf2a0c2b95b01b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 04:06:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 16484200006708004445000012473028
Connection: close
Content-Length: 1050
Expires: Tue, 10 Oct 2023 05:06:11 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.esinonime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.esinonime.com&random=1603155566798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 10 Oct 2023 05:06:11 +0200

GET
H3 200 container.html Show response
a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE6C 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:10 GMT
expires: Wed, 09 Oct 2024 04:06:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=esinonime.com_fluid_lb%2Bsq_es-mid-desk2&pn=1&sn=3&pc=0.19127578735351564&ds=true&e=wdp&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01H9S0CPZ6FEESZ2YARZYFFQAW
date: Tue, 10 Oct 2023 04:06:11 GMT
cf-cache-status: HIT
age: 2327564
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 813bfd41d9240482-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=esinonime.com_fluid_lb%2Bsq_es-mid-desk2&sy=ec3bf634-422f-4cd0-a3d4-52f4ad4c2651&ts=79&cd=2&pud=464&pus=c&pue=2536&pid=112&pis=c&pie=2673&ppd=93&pps=a&ppe=2655&pcl=2444&ttc=3679&tti=5026&ttif=0&lca=2673&lcak=pie&lct=2673&lctk=pie&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.esinonime.com&mlre=undefined&mlin=0&mlsi=700x280&mlbw=4g&mlcs=NaN&mltp=00eb517e-6649-4642-af39-b139b7952260&e=lm&dsReferer=ZXNpbm9uaW1lLmNvbS9zaW5vbmltL3JlemlzdGVudC5waHA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01H9S0CPZ6FEESZ2YARZYFFQAW
date: Tue, 10 Oct 2023 04:06:11 GMT
cf-cache-status: HIT
age: 2327564
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 813bfd41e9390482-FRA

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame FE6C 46 KB
12 KB 150ms
68ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: gzip
content-length: 11833
last-modified: Tue, 22 Aug 2023 10:30:48 GMT
server: AkamaiNetStorage
etag: "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 10 Oct 2023 08:06:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FE6C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FE6C 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FE6C 0
0 36ms
36ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVexjIagacEmfrmFVd1A2ZltZU8WxzNALtAeSAGImZGepj3ffHf-t6T3PvvjOmQCM2O-1ifFgnKGaq2vlL-rrywp3rLw
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FE6C 24 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 336722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE6C 187 KB
59 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 04:06:11 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame FE6C 990 B
1 KB 40ms
39ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 04:06:11 GMT
date: Tue, 10 Oct 2023 04:06:11 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/X7RCGE6SQKS4E7IMJQU27VMPZY5U6U7KOA5REMTY77LBLYUE2OKUCDXRK24ZVLZEFE7QZDSZ5T275F24F37JSCO667JRVEX2Y726FSMIS7G2G3ZTBVX5IAPFD2VSRWFRUWIGYSKVOHJLIBAIX56NNXVTSZ6HOV... Frame FE6C 26 B
151 B 110ms
26ms Image
image/gif 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/X7RCGE6SQKS4E7IMJQU27VMPZY5U6U7KOA5REMTY77LBLYUE2OKUCDXRK24ZVLZEFE7QZDSZ5T275F24F37JSCO667JRVEX2Y726FSMIS7G2G3ZTBVX5IAPFD2VSRWFRUWIGYSKVOHJLIBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDMJSTE2MHHI35ORA3G6LOCVFFFXDUBDQQEUIC6OAEXY3ZB6TRODWAYMUCSTZWZU5Q2GPTLKGOFAWXGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE7POZ6UDWBIMMNCH3X2IQQGVWB5P763BNQWXFAHQGPAZEJLCKTQRNV3AFSXB4JT44Q/?
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 04:06:11 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 a02bd0c46a884f9607de751c79d67cb585.jpg
zem.outbrainimg.com/p/srv/sha/79/80/0e/ Frame FE6C 15 KB
15 KB 117ms
33ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/79/80/0e/a02bd0c46a884f9607de751c79d67cb585.jpg?fit=fill&fill=blur&thomcrop&w=478&h=186&fm=jpg

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

39d4d4d8576c4ed5f3365330a8255adbe34b3373ef6d4824f999d2208fb2c5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1086643
x-cache: HIT, HIT, HIT
x-imgix-id: 3b20863d1237e800989436f9b65e39bb9c65e49f
cross-origin-resource-policy: cross-origin
content-length: 15330
x-served-by: cache-sjc1000132-SJC, cache-fra-etou8220039-FRA, cache-fra-etou8220086-FRA
x-imgix-render-farm: 01.140360
last-modified: Wed, 27 Sep 2023 14:15:28 GMT
server: imgix
x-timer: S1696910772.830709,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D141 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 10 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FE6C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f62f1dd4043690aa6b2dad95a61380e5f1ae2d134ce071cd6498435b47f6b920

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame FEE0 0
466 B 132ms
55ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16484200006708004445000012473028&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=znhqi8lr1f8g&nw=20&renderingType=javascript&namespace=74162421da&subid=&uid=00109e306fab3016&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqtZbss0kZe7YE9qG9u8PmYeKoAym5b2gaa2anKfJD_AuEAEg1ICqK2CVAsgBCakCDGksNTe6sT6oAwHIA5sEqgSWAk_QLT49leKcyDu17AuHKTuwBmHrvYOzzTwYfu7yJA9KiN8oMnlCmB6mC4g3I9m9WKmmhKr_5uvTQKGHmGgzh-Y12s9DZ7plF0lJ3bGJAL8kE0aQACEWWN2veO0cr8b33iRfs-o7gEKiy3eUs81VFQaJtKGuvGHZgF0i1IiWPhWYjZH-qKV2ukZ86o4_Zt0kjZkYzSMmqCrPJYTqtAnffAmD2OimPLUykmcNarEsFXEjePOxyfOXVChPyOWmnIaDSGyn-ti8CZLILu2p2ogkGUg4zbGPjl4Te3H6vjqWcvXNp_80Nkho5DrCi_SKu7KoWN4L5avXbAaZPSxEBpwP0X-cGTbmIkjb_Qu-odRLru8nfnhs6hK9wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQHiDRMIuYu4nc3qgQMVWoP9Bx2ZgwLEsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI7vm4nc3qgQMVWoP9Bx2ZgwLEEAEYASAAEgKTXvD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE%26sig%3DAOD64_1y3Se50t2D9-8MTfLyvV8H1hLQRg%26client%3Dca-pub-7094677798399606%26dbm_c%3DAKAmf-D6MorB5IoFhPpqcHXtRHbRHDR-pOUSktLiUATceRebeRPB5ZqAkP1Cd8tPG7Q9u00l0v4e5kpGiZgn9yQGRWipYe2MwFbC8XgmBs6fmFsGRVXShG_1pBwm6NpaxP3HHYMVGbzLSOAARD1aVXW2mCHwPAQRM8X4FVojsxdCUJr1DzdK-Hk%26cry%3D1%26dbm_d%3DAKAmf-BEpviI19UwkYiO--esO57hKZhxdscfzw0e6bKHOReEtzSdO0W8F5J_y9JgbbNik4OYKtQuYu1W57Ezmod9tPENgXzRpqCMTbM4v4SXSZEirpXpHMHPnl0-WrD5rHtGUYjidkBZVpoHEgDVQAFs_0bs8x_zGc-xKomKX9dCHqmp84setNJh9ull3pjDgnnqe1uBv_a7dH4PbxNScKPukHzFDDuUBEmGL9I60Mlb_okn-l9n41PLN8-CRKeWibOqZB89Wmcmgtr17HN3iHQ90vl_cYqQD9kfG7Y87hg0Uwy9Qn4FZLxsXKzD260FvREIaYf5f1DtO4Ix7-7dHNdsfYwZipZ9fJ_U39MiO-W6Z1jX7bhPsslxamGvhdY8cTh18Z9Mi7fHY67RSUywKFTTwy9E0lJwR3sLqeihUMIaeh7U2cPTe_gNW6mZywI4CUFLMNHycxA3djThF1oCPRYjzB_nb369qVJmANpzA2jq6rt_iy4RBu5meX82lGQ_83TNdBXjFcyBS2Cx4a3F1-tPP5LkttcALDaz61FEjWC7R7TPEjy3m77RkKvJV7baZoF6VvrclJyH2PVAOMXsX9ilsUFsgpY9GQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.esinonime.com%2F&ancestorOrigins=https%3A%2F%2Fwww.esinonime.com&random=1603155566798&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 10 Oct 2023 04:06:11 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972D784:8CF6_91EFC182:01BB_6524CDB3_17CA5DD:27FE7

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 5D79 0
466 B 138ms
59ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16484200006708004445000012473028&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972D784:8CF4_91EFC182:01BB_6524CDB3_17CB708:27FE6
x-iplb-instance: 40028
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 5D79 43 B
482 B 140ms
57ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=16484200006708004445000012473028&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972D784:8CF8_91EFC182:01BB_6524CDB3_17CB709:27FE6
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
248 B 112ms
112ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v3.9.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: openresty/1.21.4.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
676 B 386ms
287ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=612301430698991&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910771875&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2265733668663449&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct82

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D141
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBdS9nVCudM071TUuy-u7JA&google_cver=1&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNa...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNaGffo9fxOYEZl3xhOBd9yUI

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNaGffo9fxOYEZl3xhOBd9yUI

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Oct 2023 04:06:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E6D22D329A9C4C3A996A446464BB2E25 Ref B: FRAEDGE1218 Ref C: 2023-10-10T04:06:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRRoOK39EurIEX8VSpffGJyDupKDchT4hD5GeClK7Cxc6zG9rsVb9LwiyAFifdKxQSpIaNNaGffo9fxOYEZl3xhOBd9yUI
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHVNPHs446IeeaaVPMmA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D141
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOt7RcL3JBTW_HkR13lmDZ4&google_cver=1&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXl...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXlZ5l4...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXlZ5l42q3rv0XOI

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmShCxecQc178kr3QljsCiME0YPBueTeLHDZTfqyoXwfgJwrwnx3w6jlEisYocZeNaBaKmyrai3fcAJbXlZ5l42q3rv0XOI
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D141
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIjLP2zI-2T_pUAQt1BNhSE&google_cver=1&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSV...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSVpRghilqpnWIdRbIQ

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSVpRghilqpnWIdRbIQ

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQStyhkzyyoUMzpZliwvxBDKznkcqoussPv-vML6HcGI-YmYXJrdP0wu0kTnnDS2TaAHOgZoSLKsSVpRghilqpnWIdRbIQ
Date: Tue, 10 Oct 2023 04:06:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D141
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENMwwr7FxkB305pWHdrKESo&google_cver=1&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlmb...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=nWF_AKgiVIZ9IoOwInVnBtly14Q&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlm...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=nWF_AKgiVIZ9IoOwInVnBtly14Q&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlmbQCuAjkpwhkkU

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=nWF_AKgiVIZ9IoOwInVnBtly14Q&google_push=AXcoOmSl7-BnUkbhdZ1rEUGh0sFGgDdkBW5-ETzB7iU_aQIwWCFjcEvll3y2SBtpaBl063jXG3WSHQsVjOBLlmbQCuAjkpwhkkU
Date: Tue, 10 Oct 2023 04:06:12 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H2 200 us
sync.go.sonobi.com/ Frame D141 0
401 B 390ms
123ms Image
text/plain 69.166.1.67
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTRg1OEDDTqOXSAH7-NF9nYTw4ji69cq-icJA-f2_-E9l-jtqb5H0VAhG7wDvJUpUrGzIPLUgqsNAmNcGxaU4W5hNTJbIY%26google_hm%3D%5BUID%5D&google_gid=CAESEAukNWQoNy4afhcdtvSed3I&google_cver=1

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-202
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame D141 0
237 B 99ms
39ms Image
text/plain 2600:9000:211e:6e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECzJ36A_iHy8sL9UqJwBlOs&google_cver=1&google_push=AXcoOmQ0Oo7fi9bGHR7lK6CRJdhg5Ixy-IEOAKBFYcNQNDp96DiN2Gdts-DXN60PxTpVezhSoFY3I5ybkrGVxbrjwegDcQuqljI
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
cache-control: no-cache, must-revalidate
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 8YDeMP0w9PgszUTu4eRhNdNUWj1xoRbiuBPSKF3s6AATRzn9oskujQ==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D141
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51b012b2-4a39-4924-a972-7a6daaef0fa9&google_cver=1&google_gid=CAESECK71RtK_lNykhmzMDQ7s9A&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51b012b2-4a39-4924-a972-7a6daaef0fa9&google_cver=1&google_gid=CAESECK71RtK_lNykhmzMDQ7s9A&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT57_vL0PK-cV8uMoQzmd_dpNTDuc9CeXl1XRzxWbygjUSGBZhtd00gFsByKXCwlDl7fbe59T00DmkANCZu30VggopCZ3t7&gdpr=${GDPR}

Requested by

Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=51b012b2-4a39-4924-a972-7a6daaef0fa9&google_cver=1&google_gid=CAESECK71RtK_lNykhmzMDQ7s9A&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT57_vL0PK-cV8uMoQzmd_dpNTDuc9CeXl1XRzxWbygjUSGBZhtd00gFsByKXCwlDl7fbe59T00DmkANCZu30VggopCZ3t7&gdpr=${GDPR}
date: Tue, 10 Oct 2023 04:06:12 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D141 0
12 B 31ms
31ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdxYla8bIQF9qIBlP-3wLeYT0jaFn4T1N_hlFTLjjyVy4vRPQNfo02s1IBvC1lKLcbrOpnlg

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FE6C 0
0 68ms
68ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2Ms8s80kZZTGDb-79u8Psr2IwA3XrJyCbsrq_Lz9EMCNtwEQASAAYJUCggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBNsCT9BOrJIgHVCO4KNW9rJELerbP8_qCKrufysYXxX6aoswq2zvwerGcj1tsmDJivDWb5CPhjU5JMB4fnQ0dYyGkbZ6RywxoewLA5-p9hMScp8XaA8tNrbE3is2iL3hw9RkLML0hoeYBfHEAUgGJxRqp7WLFUGchHf_v0ScGqJLdckIqjk2L1-1ZDY4lap8VHCnxqfPPHJ_rQLHWrkwHsblyC9yORJq283Wx5ffSFD66c2LwYJaXt-wkrMH3WS5Tq4Xte5jMqO-IYFKpgSMNYxxbFBJdhB4A4ioyYOsJERzli9KSmg3HfM2KnHuYRIInAUHAN-aDjWCPWdK-RRNYUC3Mc-V0upm2mpnqSZAD_tAMXl4jn3PfuzhgkFOz__L0JZF30MRhf4lSFBjVyZTRxsE41-wRpTwQn5xnZbtmsTc0u1LnxJLWtnLNU8M1b-yl9DPaBqY_l7v3nYvo7ngBAGABtqV9JnlsPSh0QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=_2EAFfKfJtw&uach_m=[UACH]&cid=CAQSOwDICaaNFJ__ownsqTZJQimG0NiZaZOl0S3rZ5JpFomMqxCyLMO0gvVTUstv395I14D_J9e6f0kx1yyBGAE&cbvp=2&vis=1
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/58e368fe-6722-11ee-8065-9163a4288d82/ZSTNswADYxQH_Z2_AAIeshO7ObIcWL_cTA_aQQ/HEI7SULS2M5HOSK4PZRPOHDDCZVB4XDQQ64DB4LST3VHV4GTJUA6ZE5TFTIMK346WD5JOZ7... Frame FE6C 0
99 B 88ms
29ms Image
text/plain 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/58e368fe-6722-11ee-8065-9163a4288d82/ZSTNswADYxQH_Z2_AAIeshO7ObIcWL_cTA_aQQ/HEI7SULS2M5HOSK4PZRPOHDDCZVB4XDQQ64DB4LST3VHV4GTJUA6ZE5TFTIMK346WD5JOZ7EXDGABSE2NIMOCHDTB3QAFPRBPAQGQLTKGPGVBXG3CNS7SNPMGM6EBOOMF5XVHLDTECOBHXDKB2OD7CNNDV4KRIMRPYUSQB6GYF32LPVEUPWFFPRSAWYKGTZRGF7FHCJZLHEO2OIRLXJVMZYFTF454LQOVSRXEPK72F4ZICPG7ODVOIMBGFJ4J3SQNC7BUYI2GK3H7IB7DBSAS2TNBJ4ASOWGVNZ6QTWLCTKLVYZ2WGYJGJOA5OQYQ6GDNJ6LGG76OQUULQRXWI4LO3BVFHGOWU3WGIQ42TGCLJIT3YYHMEHNAGP6TTNTJEW4KZAQQWNWNZLJOOU2MO4ZYHFL4VUUIKFYEVXMVROOPHQCAIFHADEF27QVRK57YADTMN553HWY3O3QZBN74I2LYAZL5OL6PBE5H7MM5MO4VIE5ACBE62Y5MVX75WW53ULU/?&cbvp=2
Requested by: Host: www.esinonime.com
URL: https://www.esinonime.com/sinonim/rezistent.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 10 Oct 2023 04:06:11 GMT
Content-Length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C07 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQEUys80kZcjfD_WejuwPm5mI2AMAAAAAOAHgBAI&bg=!AgGlAU7NAAYMG8UMLBs7ADQBe5WfOIIelKVoBR8j8CKSf71IgzfFWDhdJ0doRzWsXnerdajwKmtpReL0rS7RLebwVIkbAgAAAXNSAAAAQ2gBB5kDDRofZaZuAYYL9o0ebQoug4Q4NyiFk0yJQdwedTc0PpLYqbdo4jDcYvc2CJsqXINyItL7IVWkJpgTYyTQfuqtjbcd3XgXOD-cqzKF6J-aM_FL6z1od8xrtPhVdRfrKnC0X9IHwF86LfVoGzb9uoPdsY7mzrfpPfCkLjcIUfWIWEU8FbOz0hzmqpLt-7-4k942L9ILNoqc_PnPl2iABlrKrracWMiwdGkYqK_sg0uTgt9Fi1TD0GnxSgZrLz7ggxFuPeYXk5fc4v4fjJP6lIqiQDycb_62aXMzECbj31SkgSz1WCB4_EV9fwoNDf6-yLt7gIgw7ac78WgtCI56xQtz7Y8f1ukCFF0-Amm5UF9piFBFk6S6z9jGtmzt-MCA-z0CFwWw6R-AO-8QWJPljAZvCi6VXxGNd5SXuDGnAgvtngBvYIvi-76ulwA3ffj4PFULHmxVRk2DvAmVGzMYfilEsPverkc2fyoGFlFbcVP69-MkF3kt83idcTZjMSEy2inzZoAXClOjHGCbn02yWcIjZfUepkj86LMUr-fGefftHHtxSGnv-Tu7ehdkf8zAwvxmf6SCq9Fz96e9qS5wovykuqvbbEM1GejdpPSLPyWrOcERlDExWGHiiycR8HZZwEqUopk_X9GAhkjzIGpbgielFWZ9v2dMPWJ_7uM_aV9JGrSfMrWtMg_6vVbI0OWum2ZwTeGlSoFQM__ERqty_52qPeyxPUoXa8Peyg3yXDzFZF3s27CC_9yTGL4ciPVVNjLXuDXRftRhKJqDuwtS82s9YINZb-wdXx9WfrzmfKar5rx4J0LOV38Bm5ExM0mLSdZgfuCkQ1XaT4Hs8gKz6dr3fulpedg-yBmWYvvFJOL_pJnkFqvT07k1bantyLFN-t5b51Y84079FfeRQBgNwxVyzsjl6xz5OI-HYUQ3GyjpSYPx1zKvyu3qLjX-MNSVmGLa18bU0MYpNuLW7UMamYMdLllFZB98iiKh5YCXXuGnn2QAumUNarnqPTHguMexqoihKu2hTUQhxFFPIR67ZZY

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33 Show response
5994599.fls.doubleclick.net/ Frame AECF
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33?

390 B
326 B

68ms
67ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33?

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

90ca5dbb678b4166a01ea61b2e0d5cff7e69f1c352593637b2cc58037049c513

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:12 GMT
expires: Tue, 10 Oct 2023 04:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 1CA6 6 KB
2 KB 76ms
26ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
Requested by: Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9ae6c2b49ba38b53a4a557a6860a72707c3a451a76f9615916e607ed604d950c

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1872
Content-Type: text/html; charset=utf-8
Date: Tue, 10 Oct 2023 04:06:12 GMT
Expires: Tue, 10 Oct 2023 05:06:12 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 54F6 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 10 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D79 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560b9ce25db39b21416e26c9adaabdfcea8706c43ad2b4a748306b5b566ba655

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1CA6 5 KB
1 KB 88ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 03:10:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 04:06:12 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1CA6 12 KB
12 KB 77ms
26ms Image
image/png 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 45e5dcb2205e3fe60cc76961ddb6589a9d5c47717eb938ce8b2223b51bbea19e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 04:06:12 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12180
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ym5keE1QS20xUVE0MEE1&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_h...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ym5keE1QS20xUVE0MEE1&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_heytgGSLlGP9qnNYZMtgpcIDgz9jk19b6z308-poxeMHcdIRp5px-U

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 04:06:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ym5keE1QS20xUVE0MEE1&google_gid=CAESECfsBeLa7oxdwNNpHx1mteA&google_cver=1&google_push=AXcoOmRx1ylzzDduO7UMMqzYNWovGAR8d6lP_f2BkU803_heytgGSLlGP9qnNYZMtgpcIDgz9jk19b6z308-poxeMHcdIRp5px-U
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOZP3o86cBym2sXnYXmVXRk&google_push=AXcoOmR6wG_z4ztsnVanWyLttoKvp0GWzDLy-mAdzZyKLkMzk0exgkhYWm...

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOZP3o86cBym2sXnYXmVXRk&google_push=AXcoOmR6wG_z4ztsnVanWyLttoKvp0GWzDLy-mAdzZyKLkMzk0exgkhYWmmmVK-H7oB4VQMSsglB0N6UgxrFbiypiZMtLZO8dbA

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220025-FRA
pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696910772.177187,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOZP3o86cBym2sXnYXmVXRk&google_push=AXcoOmR6wG_z4ztsnVanWyLttoKvp0GWzDLy-mAdzZyKLkMzk0exgkhYWmmmVK-H7oB4VQMSsglB0N6UgxrFbiypiZMtLZO8dbA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIV9J_M-dupgfs1Uc-ZJkqI&google_cver=1&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4CcymQeH-8BrxAJ9
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE932A23B67F4716A949249AFD62EB03&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4Cc...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE932A23B67F4716A949249AFD62EB03&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4CcymQeH-8BrxAJ9

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Oct 2023 04:06:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE932A23B67F4716A949249AFD62EB03&google_push=AXcoOmRpyxnFWQ5GAMLJohHXFDoXSp5zPd9EG-r08P5mCAcEx2tE1fIj4tgBVQ0wdlW9t142T2lHtnEOJ-Du4CcymQeH-8BrxAJ9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 09 Oct 2023 04:06:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBdS9nVCudM071TUuy-u7JA&google_cver=1&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G8DbsYdneoL87PX9V7vuIeIN

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G8DbsYdneoL87PX9V7vuIeIN

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Oct 2023 04:06:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8DEC079F546A419889591C630C58C3D0 Ref B: FRAEDGE1218 Ref C: 2023-10-10T04:06:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSzX1Sj7kd57HBo1BqFn6GnmVvblOAQwrHeBgdeJkIhN8PKIh-q__UEJ1UAYXR6yn62yQc8G8DbsYdneoL87PX9V7vuIeIN
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHVNPKP8vEa7XvqAJDZw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBJ-lSPCFWnHWnHaRT0OmNk&google_cver=1&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYwPwLUlfkJq5PYFdw0d&google_hm=LQ4b93g7QnWQ4OtM_-jj14Q

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYwPwLUlfkJq5PYFdw0d&google_hm=LQ4b93g7QnWQ4OtM_-jj14Q

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSIdkW49ZP_ALj9QmRuFtlZg7nxWcE_dQDF1dBumZku11o02uJaCZnsXuayyBI93hlkvnQnFQdmMYwPwLUlfkJq5PYFdw0d&google_hm=LQ4b93g7QnWQ4OtM_-jj14Q
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54F6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOt7RcL3JBTW_HkR13lmDZ4&google_cver=1&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY7Uf0...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY7Uf0CUaW5bqZzr

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODE3NjI2NTY5MTg1NTAwMg%3D%3D&google_push=AXcoOmQcrHNt3eWYmicvEKrzamwIhh9CUSmQjRBXP3c9VaEGL-YV5P2bKUBLg-LlruHG_uXYDAo9vAQx3cwVgY7Uf0CUaW5bqZzr
Date: Tue, 10 Oct 2023 04:06:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

/
onetag-sys.com/match/ Frame 54F6
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIUC3dJyLy5HJrVAt88YnNw&google_cver=1&google_push=AXcoOmRA1W0v0J5r_qjfSGJWz2QhkjTBVuqn4DCCSFLORQnt-NEV9-yqYHmcrTGamnoA5kD-Nf-_6v375ye...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRA1W0v0J5r_qjfSGJWz2QhkjTBVuqn4DCCSFLORQnt-NEV9-yqYHmcrTGamnoA5kD-Nf-_6v375yegtLTbmrdFttlCkNGyRw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

22ms
21ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 54F6 0
12 B 32ms
31ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lobu9AOu1wocxPVMLKbNT1z-SJg9ij6pDYGtneFbAqpA1XRgaxLRtOfQtQUczSR6t7rkz-hw

Requested by

Host: a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
URL: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 1CA6 0
150 B 78ms
27ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=16484200006708004445000012473028&a=e75a62af&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 04:06:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1CA6 14 KB
15 KB 86ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 387747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1CA6 15 KB
15 KB 88ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 327795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:57 GMT

GET
H2 200 dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33
adservice.google.com/ddm/fls/z/ Frame AECF 42 B
401 B 117ms
59ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJCDpp7N6oEDFVMIogMdcm4J5w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9852885334770.33?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2093 0
234 B 85ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnjsuyi8&c=1211505324062&slotId=605752662031&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
186 B 191ms
189ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2193537583049346&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910772298&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=3295323436333198&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct145

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 41ms
39ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb4ab5763a180c97d340abe688773f80fd242a1204170e746e6ac9722891f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12286
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
27ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=51738394&t=timing&_s=2&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ul=en-us&de=UTF-8&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5888&pdt=7&dns=1043&rrt=0&srt=752&tcp=260&dit=2444&clt=2444&_gst=2576&_gbt=3102&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=322046335.1696910769&tid=UA-175562270-1&_gid=1281095662.1696910770&gtm=457e3a40&z=729765969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 22:03:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21774
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
27ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=51738394&t=timing&_s=2&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&ul=en-us&de=UTF-8&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5888&pdt=7&dns=1043&rrt=0&srt=752&tcp=260&dit=2444&clt=2444&_gst=2576&_gbt=3102&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=322046335.1696910769&tid=UA-113932176-46&_gid=1281095662.1696910770&gtm=457e3a40&z=760059118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 22:03:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21774
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 04:06:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B36E 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 02:12:03 GMT
expires: Wed, 09 Oct 2024 02:12:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE55 829 B
560 B 32ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ac10ecf36583aa39e1fe82d718c36026a3986b4437a7ac3eac8400da8c7ddb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SXlQGILdxJlwPr141bH9Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esinonime.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SXlQGILdxJlwPr141bH9Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 04:06:12 GMT
expires: Tue, 10 Oct 2023 04:06:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame 2093 0
54 B 41ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnjsuzoz&c=1211505324062&slotId=605752662031&ghmsh_eids=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 256ms
255ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=1658526315019825&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910772511&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2392038689719231&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct131

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame B36E 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 19:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 19:23:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE55 0
0 54ms
54ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1604958438083996&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B36E 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7SEVyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 172ms
171ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=508999080586100&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910772785&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=1577411309540099&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct17

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 232ms
232ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=1539088162346882&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910772989&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=226778147503275&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct217

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D79 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB_RbtNpsONw-NfMiAtP6Hq7qv3tUfk9fezjCt8MbZWWxssCSbmZOUDtpo9Tbje5SEFUKplufG5hN649rn8ejU8WNtTHsJ-xr5W8TLufCtqAmDb9_2Uue1iJ0SQcppVdA&sai=AMfl-YQgoS1xKGpWDDKpxnr98LU2CKxCWq-OhIK6GPC4B-RKa2JrptZ2Toabh0t-Km1YigZ32Y58O16zc7ddijwOcuyrTFk6-1Jxkc-6gJ4VsRdoruxyOuWq_0UNpzw&sig=Cg0ArKJSzPjiQvAmhXzJEAE&cid=CAQSOwDICaaNTvBWZn9Fy_xpHUjoGVG5uE0G8QXjaH6FELXyQGPga3JiynGDOjfeJy0tlWLNiYweTRwwKf-HGAE&id=lidar2&mcvt=1000&p=802,425,902,745&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&app=0&itpl=20&adk=2292865416&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696910770903&rpt=1128&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 181ms
178ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_third_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2052389780663695&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910773254&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2587252378010132&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct61

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1604958438083996&bg=!-fql-rXNAAbjlzx0w5c7ADQBe5WfOIeBhOxUl7i3fZJWC570AWmS8Hvby01Wu0jgioNNI9mwz58m5UJoYKw7U8IagCYGAgAAAIpSAAAALGgBBwoAQZfpP9YaYo3aOQembhadqUcdgejQjtfkCfG2LtjBrhRfFu19qhes8iTY6ZqiUbFOyHiz-HGn-LNMEMUPBsZW7s4hmQLL9D8B7iStF-lfXwdtTv-cTdchY_uwnYu5zANvdPlMTQ5bRD3RMpw2pwCE_CAEYRN0JJJeGLfOaZ-80QT8VHSE3q5LhGRwq99RHzQDe-Bd6rPC-dIuDvu9NSOPwsWPqyIWo-OQlXPDW-UEMUfJoFERj98lozxqPhuza7p7jZuiQ05xgOdVwJT11iEocYq_ZBRyK8ONW5Oq8RnhzFd8EFZid8yCJTnIi-Wynrtxlo9QyX9FoM1eq47hRjI99m4WCIL-jiohYRnpmkmaKCpdbkwwS259sxey2XOhmub9wBMXDtoc8EFjadGQPlk92sieHpIbWMgx_oUdmKcPj5wevswa_oXuUI1szZfKL2-NzU51BFv6VFsiy5J6LEODomD9WzedTPeOKSCPao7R205sv2C4JIUQlbzavujg8C-DlZip-6YQDZArWtsyTi28_pbRN0mskja7Or5zsszpwTG7RD4w0d_WlUkiGulh5y9lpbuwEpKd26pPOQg1S5oa4LX-3q0tfAFamlTYdhxb8kTsi1b7jBJgCH6NY-_li4y_cAXHks_tjNevNjhaBJlUnd4TnYTH4dmQl46cT-ImHDE6uQHkbvmy6ygHvgIsgbqo3dE3gpVvzNE_Y4g-tFs-Zq-JST2A34ZFCCtZXRdGJI9n9nDfpI94-5WcjyP3PuvGIPY1n16-MZ6PUObW8swIaZM-yHro1U1WNiJKNSX5kfbOg-lTQpySxqem9heBFxhDdG2A4uyGtrrF_bvCh-dcazmc5X3Ks1IDkXCALGcBn35zhxiYelxUvx89cxVkYxe8G6kvDf99ua1t_RNEa0nlbY8OWy_D6d7vpnN3t65L1yuNLtaDJ_uWmukCZJJqriq7bylZzzDFD1Bsn4XqbKaFNJDTfmHXqWtOefuYBCrVMDr4K5Rn9opjTU3GLBMBH7FJfkYrTyKVuw5e80-6gWlq9A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.esinonime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 1CA6 0
150 B 78ms
27ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=16484200006708004445000012473028&a=e75a62af&vb=v
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=16484200006708004445000012473028&a=ce71f6fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 04:06:13 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D79 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8114995747213&version=m202309260101&ct=77&x=1&cor=9253889030278207000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 247ms
246ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=934683102630337&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910773450&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=245881161094386&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct46

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 168ms
168ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=992898595059716&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910773722&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2462971683100408&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491_ct119

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 222ms
221ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2064711424484936&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910773909&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=4240649661679307&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct104

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8J9SC9WB3T&gtm=45je3a40&_p=51738394&cid=322046335.1696910769&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1696910769&sct=1&seg=1&dl=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&dt=Sinonim%20rezistent%2C%20cuvinte%20sinonime%20pentru%20rezistent%20%7C%20eSinonime.com&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.esinonime.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 04:06:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.esinonime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 16599447384462f0bf220db4e.ts
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ Frame 0
0 115ms
114ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.esinonime.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 10 Oct 2023 04:06:14 GMT
expires: Wed, 09 Oct 2024 04:06:14 GMT
server: openresty/1.21.4.1

GET
H2 206 16599447384462f0bf220db4e.ts
h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/ 400 KB
0 115ms
114ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-esinonime/source/uploads/videos/16599447384462f0bf220db4e.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Referer: https://www.esinonime.com/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=895820-1785247

Response headers

date: Tue, 10 Oct 2023 04:06:14 GMT
last-modified: Mon, 08 Aug 2022 07:48:59 GMT
server: openresty/1.21.4.1
etag: "62f0bfeb-f36cd04"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 895820-1785247/255249668
cache-control: max-age=31536000
Content-Length: 889428
expires: Wed, 09 Oct 2024 04:06:14 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 236ms
236ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2143265646350561&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910774146&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=3957905594869144&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct111

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 254ms
254ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=1040951339948626&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910774395&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=4447289229007788&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 182ms
181ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_third_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=695253620911674&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910774660&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=4327833871169356&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491_ct32

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 207ms
206ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=4086876128224581&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910774856&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=549644544383656&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct27

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 174ms
173ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=4006335465688302&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910775076&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2055272201177713&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct48

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 243ms
243ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2485943474398458&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910775261&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=4295197093675425&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct32

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 201ms
200ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=3967348389063024&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910775516&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=968154196680054&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct87

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 260ms
260ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=374666377870346&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910775729&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=62554807315632&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491_ct98

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 186ms
185ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_third_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910776002&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=2762563958595168&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 209ms
208ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910776201&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=410553029049033&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 177ms
176ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_v_esinonime_v_pre_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910776422&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=1744783838084872&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct190

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 234ms
233ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910776623&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=3726302724690302&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct191

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2093 156 B
143 B 187ms
186ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C37592960%2FDFP_APAC_Parent_Second_AdBreak%2Fellipsis_dfp_v_esinonime_v_mid1_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910776876&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=655168445819013&ged=ve4_td8_tt6_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct42

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:06:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
pubads.g.doubleclick.net/gampad/ Frame 2093 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-ypbvzFHl5XHtYKm0dAKvN8tsS4w8HyrYNv9XOPQ9LFqsnVFLD-b_e1z4PAgy3XF0thGmuqK8cCo2fgEk8jeEhVmBoecNoIjgd4g8FLAUxVuKOs_s8wSnm0nqYg0Z6YkmFQAN_COui9CRhweMsyKLCIOr2zKtu78IqSL5q82E0cFtgezuBSqbis0EtEy6f4hktdvVfdbGGtw-BD4N7puVjJKtPjlVG4DuiFkBGKrovrcXUt-f4xTVK2yzkpWfxHiPPuWR-y20sEJqtmLLdNNd9QuqFKFi7TZKn4IY22whI8szlt-NdNxlRlv3gW5sE3qpf5Zlr8zXPU_wTYg1cHnLDsp3dr-mRc92za_b57xOwMPcU17jkd6dnfRLDI2VvF_yGClK8KwhKAhkCR46aQ&sai=AMfl-YRyRmzJTWnzgJGDqxmdI4ffQFwWmY6gGCjj02GbCwIB1KTNVwEdcbhZvRulZS7iH1WIBN6FGNNz_aP6J9ODv2WHxVNkbx8I4WKvCbfpISBPlIkD-aZnvetdWoMfSw&sig=Cg0ArKJSzKGOe9UbGaZOEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_HxgC723-VX-ZJMNmKxrLRVJsVaEGBu-QxRzAQegSD_q3CwQvK46RegQuIVd_AfGn1joo-b5BVmUWMevczHCwwsNpQL4a5VDkR_bhAjHXDJ-fK-abAB6Eq6puQVOWefPrqs9UhJG208NMN60x64mKxNpNVzDIBZnegqAecodyq7iIpepN58HrJFE6-BV3Grk28kjmALO_lse0H0G2nLEvy4erQDNo_jZYNv_xenfQsZSSo35NG-rlBFvURkteHZ3ugHrBAH2T3SVPZNS-BZM8AYHMxLW0hFWYeD4rPPWnqh0e3u71mrrPifPuJR_ddsUWTQZCaxYXMwr3uTECAeBICy21xwKSgYEMyzK0DGi43gvLUG_MgX4Y8X1_wGul0XBbej-qHQomOGfcLBhtpw&sai=AMfl-YTwLifpZKJhFDTQ7zAnB_5ebv08A_vVB-wjvzOPLtUol1lVOsaDsonFx-M6E2GDIpATVFgFl7BMGcUKP-F3DpF_08y07Kh7qmU2kaIFIpJCUBHGSjKW4_G0uTIKag&sig=Cg0ArKJSzNgVXIQwfyCQEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C37592960%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_esinonime_v_mid2_1&description_url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&tfcd=0&npa=0&correlator=2241600232496396&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.esinonime.com%2Fsinonim%2Frezistent.php&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=click&vpmute=0&sdkv=h.3.594.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=1652238469&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.1&media_url=blob%3Ahttps%253a%2F%2Fwww.esinonime.com%2Ff4359923-8a7b-44a1-8adf-8ee067f1b50e&sid=CB56DDCD-F0D0-4FA4-B500-84F11ACFE553&a3p=EhwKDWNyd2RjbnRybC5uZXQY2YCOvrExSABSAghkEhkKCnB1YmNpZC5vcmcYjYOOvrExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNmAjr6xMUgAUgIIZBIXCghydGJob3VzZRibg46-sTFIAFICCGoSGQoKdWlkYXBpLmNvbRjYgI6-sTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKaFjr6xMUgAUgIIag..&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&dlt=1696910768528&idt=2332&dt=1696910777077&cookie=ID%3D4ef6a62656b300dd%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw&gpic=UID%3D00000c93504e6c99%3AT%3D1696910769%3ART%3D1696910769%3AS%3DALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ&scor=1110851134562537&ged=ve4_td8_tt6_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491_ct44

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 00:57:50	Name: demandSupplyTi Value: 00eb517e-6649-4642-af39-b139b7952260
.demand.supply/	1970-01-20 15:21:52	Name: __cf_bm Value: aWCNHfeqUPjVYoSKlfQ7w_bALvsFspKosDBtb7Tx_VE-1696910768-0-ATxj7rx45hoVFN+vUxPj+reIucdrbEUCXSK6lLJrQVcbV4+7VlpNdHAPppflSdynQZXA/CQqbE0C022/BcsCfKE=
.esinonime.com/	1970-01-21 00:57:50	Name: _ga_F6XDW6WXFS Value: GS1.1.1696910769.1.0.1696910769.60.0.0
.esinonime.com/	1970-01-21 00:57:50	Name: _ga Value: GA1.2.322046335.1696910769
.esinonime.com/	1970-01-20 15:23:17	Name: _gid Value: GA1.2.1281095662.1696910770
.esinonime.com/	1970-01-20 15:21:50	Name: _gat_gtag_UA_175562270_1 Value: 1
.esinonime.com/	1970-01-21 00:43:26	Name: __gads Value: ID=4ef6a62656b300dd:T=1696910769:RT=1696910769:S=ALNI_MahZimyp6zEB9VvXfhvbHMPzFtRKw
.esinonime.com/	1970-01-21 00:43:26	Name: __gpi Value: UID=00000c93504e6c99:T=1696910769:RT=1696910769:S=ALNI_MbM0bFJCrydGkVV01hU2KmRoCCMkQ
.esinonime.com/	1970-01-20 15:21:50	Name: _gat_gtag_UA_113932176_46 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FP9NiXpZgMQ
.youtube.com/	1970-01-20 19:41:02	Name: VISITOR_INFO1_LIVE Value: AA4eBZ0v4iI
.esinonime.com/	1970-01-20 15:21:50	Name: lotame_domain_check Value: esinonime.com
.doubleclick.net/	1970-01-21 00:43:26	Name: IDE Value: AHWqTUknru9YHoAAktRZz-ytzqLdoYo8H0-HL8RnvciujXzowJxT7GQJyAaVaGXG4BI
.criteo.com/	1970-01-21 00:43:26	Name: uid Value: bfbe419a-35d3-4c83-8149-3d73d6214799
.casalemedia.com/	1970-01-21 00:07:26	Name: CMID Value: ZSTNsz-K6cENgPJ89edsyQAA
.casalemedia.com/	1970-01-20 17:31:26	Name: CMPS Value: 2181
.casalemedia.com/	1970-01-20 17:31:26	Name: CMPRO Value: 2181
.doubleclick.net/	1970-01-20 19:41:02	Name: APC Value: AfxxVi7qCaRKwCNbebcKFiDS7fBoaUUmy4wg6Llj9XFgWhj8D9qBCw
.esinonime.com/	1970-01-21 00:43:26	Name: cto_bundle Value: 2k6Aa19xJTJCN1dWTGxXWHFPdm5SOGVsRWdzUSUyRldRVmRNcyUyQktDeDI1a2N5N3dueUNIdG82WlphOVBTJTJGVDh3R215bnFObHJlQklmVGRHb0klMkZiOEkwJTJGTHJoZ0N4dlhOV0hBR0lpYWhvUWtwbjNqTGpXb1p3WUtqVEI0alZhSGVxUFRic0xsaSUyQm5FTmtiSTlWS0UlMkZ0WnhkV2MlMkJIZHclM0QlM0Q
.adnxs.com/	1970-01-20 17:31:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlilXoM:!]tbPl1M>e)ZlrFUfJ+tGXxp.My[+wEzcBO?VnhpQ1QtfSGPW/]5-qRTC8'b3If)y3KL9D3I?+AYH>bM
.adnxs.com/	1970-01-20 17:31:26	Name: uuid2 Value: 7320941504364735694
.redintelligence.net/	1970-01-20 17:31:26	Name: 8lcfmzhxc8d6_uid Value: 9a5deb3542bed9a8
.adfarm1.adition.com/	1970-01-20 17:31:26	Name: UserID1 Value: 7288176265691855002
.adsby.bidtheatre.com/	1970-01-20 15:31:55	Name: __kuid Value: 5f037d1c-acce-4d3c-8c99-01836ca5c6fd.466124771
.csync.loopme.me/	1970-01-20 17:34:19	Name: viewer_token Value: 51b012b2-4a39-4924-a972-7a6daaef0fa9
.linkedin.com/	1970-01-21 00:07:26	Name: bcookie Value: "v=2&ed5e424f-3bd8-4ad5-8b02-9d0e8d05c398"
.linkedin.com/	1970-01-20 19:41:02	Name: li_gc Value: MTswOzE2OTY5MTA3NzE7MjswMjHt6Vynr6MAfIx1D0h2kHZY+UK1pZj6pRpEqYqODHBlCw==
.linkedin.com/	1970-01-20 15:23:17	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2762:u=1:x=1:i=1696910772:t=1696997172:v=2:sig=AQHOgDWHKAJc6K1kMvG1J8vjqid5pr1p"
.ctnsnet.com/	1970-01-21 00:07:26	Name: gid_CAESEBJ-lSPCFWnHWnHaRT0OmNk Value: 1
.ctnsnet.com/	1970-01-21 00:07:26	Name: cid_2d0e1bf7783b427590e0eb4cffe8e3d7 Value: 1
.simpli.fi/	1970-01-21 00:08:53	Name: suid Value: BE932A23B67F4716A949249AFD62EB03
.w55c.net/	1970-01-21 00:53:31	Name: wfivefivec Value: bndxMPKm1QQ40A5
.w55c.net/	1970-01-20 16:05:02	Name: matchgoogle Value: 5
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86202\|ZSTNt
.everesttech.net/	1970-01-21 00:07:26	Name: everest_g_v2 Value: g_surferid~ZSTNtAATbFPvkgBV
sync.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id Value: s%3A0-9d617f00-a822-5486-7d22-83b022756706.ANTd6OytJ7ifzXjjPLKNf8qwOJcDE%2FY5ar%2FDT3byXII
.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id Value: s%3A0-9d617f00-a822-5486-7d22-83b022756706.ANTd6OytJ7ifzXjjPLKNf8qwOJcDE%2FY5ar%2FDT3byXII
sync.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id-v2 Value: s%3AnWF_AKgiVIZ9IoOwInVnBtly14Q.NG06yQGAJuxHKJlOBNFiE%2FNGeW30qcX1%2B5atStCwM%2FI
.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id-v2 Value: s%3AnWF_AKgiVIZ9IoOwInVnBtly14Q.NG06yQGAJuxHKJlOBNFiE%2FNGeW30qcX1%2B5atStCwM%2FI
sync.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id-v3 Value: s%3AAQAKICmNla4uSNSNYFQ1-tU_mcUce-P5VQYtG0RwxXOvcrsAEHwYBCC0m5OpBjABOgSAjA8ZQgQcoKzr.l0ZvSjJ5ZK9tAj3a0tAY13FzZcs3pWOUVc0VaWcQQhI
.srv.stackadapt.com/	1970-01-21 00:07:26	Name: sa-user-id-v3 Value: s%3AAQAKICmNla4uSNSNYFQ1-tU_mcUce-P5VQYtG0RwxXOvcrsAEHwYBCC0m5OpBjABOgSAjA8ZQgQcoKzr.l0ZvSjJ5ZK9tAj3a0tAY13FzZcs3pWOUVc0VaWcQQhI
.esinonime.com/	1970-01-21 00:57:50	Name: _ga_8J9SC9WB3T Value: GS1.1.1696910769.1.1.1696910776.53.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.vdo.ai
a3bda35311c14edf89eaf6e831208262.safeframe.googlesyndication.com
adservice.google.com
analytics.vdo.ai
api.demand.supply
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csync.loopme.me
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
h5.vdo.ai
hal9000.redintelligence.net
hal900028.redintelligence.net
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
live.demand.supply
match.adsby.bidtheatre.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pubads.g.doubleclick.net
pv.medialead.de
px.ads.linkedin.com
region1.analytics.google.com
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
targeting.vdo.ai
tpc.googlesyndication.com
um.simpli.fi
widgets.outbrain.com
www.esinonime.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
zem.outbrainimg.com
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.18.26.193
142.250.186.34
144.217.66.206
144.76.91.199
145.239.193.130
146.75.122.132
151.101.2.49
162.19.138.83
172.217.23.102
178.250.1.11
184.30.17.67
185.89.211.12
188.166.17.21
2001:4860:4802:32::3
2001:4860:4802:32::36
213.227.153.222
2600:9000:211e:6e00:1b:5138:8a40:93a1
2600:9000:2250:b800:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:21::681b:cc59
2606:4700::6810:5514
2606:4700::6810:8616
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9b
2a02:2638:3::3
2a02:2638:3::c
3.73.105.217
34.96.70.87
35.186.193.173
35.204.74.118
35.214.154.93
51.75.86.98
51.79.72.196
54.171.14.223
54.204.93.234
65.9.66.97
69.166.1.67
69.167.137.97
85.114.159.118
88.99.165.19
01cbb9b0806f1036ac5456e9585b297b97d1762c729d3d86ab85237342da5a44
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
06878279d3f27c064e8972db64da662794e6fb2be0a8d7f1c9534a4b375bb1d3
073198cdcfe7323e68533e66c303d38e1d5bb4b1a6c1d244f760b353c39dff8c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10291ca635258dd15e8e6db93a836f6a1da95e084996cf2ddeb7ffeae754df9d
104345f7b2c3aff05a26a7aeb976d33689427dd9c62124d5493c6c53c418ad17
10caf1e1bbca262b1a00dce458a9bd87a3889645f4e81bc32154b78e007e3d24
15014179dd2e56de46c386b0768619ad2a65b90490e9ab129296b90608fec652
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
17b497fb6b31f0f4e4a33e728c43ee6ff5ce5889e5d1906c50fceb3f47d0eca7
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1beebb44a9b9ca8782f44dc194c79b6cb9bd0becc10d3dedece9a7b332eea32a
1ed726167178038cce7e96003b125907e20f3ab8a0486b8c05ab11e3475452c3
1efd6e9c5beea6f0533f8f48324ed9abbe1f4eece965d0c89a067bdef86c2b4f
20a349c37e70d87c740338bee2e1e219453bffd161798a614641b7bccb25554c
25e5e6e187a84894c11ec5605afc7386d809a6a3509e45b591ac8bcfc0264927
2921c039a05d2f6b4d502e6f6300ff5147312da6e94ecc45b9e43e40a4af4c22
2d101e192c5c713e41495da9ac9af7bfdb68ebe07cfc051ba33b33dbfca1c4e3
2d215a946e00260ddb8bfe06d632ad6d63b1e72a44e6e4a9f83c70e0718fd523
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8
30ff9c2f177b2e94ae06bc91591814722b2c5c7a316d35b99b8b7301fe083a23
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39d4d4d8576c4ed5f3365330a8255adbe34b3373ef6d4824f999d2208fb2c5be
3b32b9d188c8ebacf9786b143fabc91ee396155e970bf8f9afe5a818f3300a21
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45e5dcb2205e3fe60cc76961ddb6589a9d5c47717eb938ce8b2223b51bbea19e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49609631a3323b2840b5e02ff4098ffcfef08c9d02eae3982b31f6ab42e6c2b9
49d3c8b90d59d1d0e7a5fcf3fcfe3d3cb79a4d945f41c729e4b42566f30156b0
4ab70ce4594ce24b89bbce01bcb2cb2d2ba1185d8660f7164653a744d886bac5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
512c9862bb588a18908b13177fed2485bac5023c2557d8043fb962fcb9931265
53fc09b457d58e25fde4bb9d5ab8fa314895e9236e9f7ef9b4d9ccc865be8994
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560b9ce25db39b21416e26c9adaabdfcea8706c43ad2b4a748306b5b566ba655
5618563a254853be0bcefda48fa58c597b06af827a58e94a3b35cf0d5c351550
57fb69517eb9419e43e0c437f7abc6084740619a4f040d6a84e2ef943e96fa73
5f18a599fd3cf068f2df9fb364ba2057724fea81bd2a95288f0c9dcec8835c52
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7536df061cf30df1015b80508ee45759474edac7f2a3547462bd79c7f9e0cc65
7ac10ecf36583aa39e1fe82d718c36026a3986b4437a7ac3eac8400da8c7ddb6
7af29b314966755f6800f35e7ca3525662fb40c74b19e84862586bd2ae06ab91
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7dd14c5a67d3663892dd61ae4395d5e00b05219511e3aac17f74e3d43cb8f4a1
7e1fc8ddfce267472d52959d1ac4e31edbef7b792cb3353bdeb15b7b2a7430f4
7f349ca91659f1a8711425a67900936d1f4cece42f85bca64ff0f5644ad0dd04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878b9cbdecbea68bab6a18fc24ee12ce4be93ee83d13df40d38b897343ac1443
8af3ed2b805f7d328bd48d358c33f4e1ee7fb84386146872332482b09d6b9927
8b6723c3b6d791ea63bccc64243e4f75dce189ba494ab259b4ed9af0eaa9de51
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
90ca5dbb678b4166a01ea61b2e0d5cff7e69f1c352593637b2cc58037049c513
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9ae6c2b49ba38b53a4a557a6860a72707c3a451a76f9615916e607ed604d950c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cb4ab5763a180c97d340abe688773f80fd242a1204170e746e6ac9722891f48
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2de6231033512e6b72110fcd728f0b173efd3045350b710890bdd68700720ad
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a60829244bb117de9e3d7910a2f23ea19ad47ee70938fa086b6a7fbae64522e0
a7d835129c7a6015dad4e367ae9cd3c81ba677d8636d89311ddec29e91d0e0ee
a80a9e480e5fa60068b4959f319b7929f0bc67f51f8e5aba2ec67451d07c923a
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29d929cc30390f2ae6509ce09a6394f54fc83e55e6acc422b74fea6e228fc96
b53015af71d5497bdf8366fbab2ae0a2675a7148955df11e2c8c57a8447615ca
b7be92539464a6156283e6096f11b5a6a282a2f8b4ba719f218160d7ff8d99a6
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cbedf98764f527a4a37eca854dba94d53a755825d1f28d87eedfced4f069b8c3
ced6796376726fde380f7703ca44b5a408a510a0195b0db97bf2a0c2b95b01b7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d9bbff07154665c2118d30aceba129ece1336e71a0c0f517d4d7e15dd97c010a
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
dd6e29d2d126ebd6c86077886a38276ac9f4db80f5fdbd01fa06c4d6042da20f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e475ae356d975e0b79565cf2539329c7236c71ec21c652087a194218a00058f4
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15d92f5a40ea24c4fe8bcdb31c99a8576b32410a702e20d3e55cac8b3c219fd
f27b59a967bf744e274fdee878cd8ea27f575418f2dc76bada7909ff8ae51bcc
f62f1dd4043690aa6b2dad95a61380e5f1ae2d134ce071cd6498435b47f6b920
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
f86dcb410df8e56ffc5be60fbb40221010f36841501d35f3b691a51dbf49675a
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fdb291f34e2d70b88e0b13d28f7cd702dac10cddab322bd3f867e4cbae08b9dd
ff50b858275e5772c70c6dd295e7a641b86783a7768657407f5572bef63f9a21

www.esinonime.com Open in urlscan Pro 69.167.137.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

87 %HTTPS

51 %IPv6

42 Domains

62 Subdomains

49 IPs

8 Countries

3214 kBTransfer

8378 kBSize

42 Cookies

8 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.esinonime.com Open in urlscan Pro
69.167.137.97 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

87 %
HTTPS

51 %
IPv6

42
Domains

62
Subdomains

49
IPs

8
Countries

3214 kB
Transfer

8378 kB
Size

42
Cookies

205 HTTP transactions
3 data transactions