www.elmaelma.com Open in urlscan Pro
195.142.106.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://elmaelma.com/
Effective URL:
https://www.elmaelma.com/
Submission: On April 20 via manual (April 20th 2022, 6:13:22 am UTC) from TR — Scanned from DE

Summary HTTP 273 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 29 domains to perform 273 HTTP transactions. The main IP is 195.142.106.235, located in Turkey and belongs to BETAINTERNATIONAL, TR. The main domain is www.elmaelma.com.
TLS certificate: Issued by R3 on March 8th 2022. Valid for: 3 months.

This is the only time www.elmaelma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	195.142.106.235 195.142.106.235	199484 (BETAINTER...) (BETAINTERNATIONAL)
7	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
87	195.142.105.14 195.142.105.14	199484 (BETAINTER...) (BETAINTERNATIONAL)
39	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	195.142.105.24 195.142.105.24	199484 (BETAINTER...) (BETAINTERNATIONAL)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	15169 (GOOGLE) (GOOGLE)
1	195.142.109.125 195.142.109.125	199484 (BETAINTER...) (BETAINTERNATIONAL)
12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	85.114.159.98 85.114.159.98	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
27	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
9 12	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 10	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 5	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
4	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	143.204.201.26 143.204.201.26	16509 (AMAZON-02) (AMAZON-02)
3	213.254.244.109 213.254.244.109	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
273	46

3 195.142.106.235 (Turkey) 1 redirects

ASN199484 (BETAINTERNATIONAL, TR)
PTR: 195-142-106-235.rdns.saglayici.net

elmaelma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.elmaelma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 195.142.105.14 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)

s.elmaelma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.elmaelma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.105.24 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.109.125 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)
PTR: 195-142-109-125.rdns.saglayici.net

ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.98 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad9.adfarm1.adition.com

ad9.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.242 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.219.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal900029.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-26.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.109 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	elmaelma.com 1 redirects elmaelma.com www.elmaelma.com s.elmaelma.com i.elmaelma.com	2 MB
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	539 KB
35	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	332 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	383 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	9 KB
9	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 495 rtb0.doubleverify.com — Cisco Umbrella Rank: 697 tps.doubleverify.com — Cisco Umbrella Rank: 494 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 13696 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10293	124 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31596 hal900029.redintelligence.net — Cisco Umbrella Rank: 248694	88 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	2 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	247 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	7 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	5 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9032	2 KB
4	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 16391 ad9.adfarm1.adition.com — Cisco Umbrella Rank: 206755	66 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19570 api.webgains.io — Cisco Umbrella Rank: 54577	51 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5383 adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 41028	5 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 46083	1 KB
2	bilgin.pro ad-cdn.bilgin.pro — Cisco Umbrella Rank: 229505 ad.bilgin.pro — Cisco Umbrella Rank: 204702	11 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2877	50 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	85 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	34 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15136	702 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 67611	312 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 262671	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44330	629 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	416 B
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1758	253 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 1567	4 KB
273	29

	Domain	Requested by
81	i.elmaelma.com	www.elmaelma.com s.elmaelma.com
31	pagead2.googlesyndication.com	www.elmaelma.com pagead2.googlesyndication.com e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
27	tpc.googlesyndication.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com www.elmaelma.com googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	www.googletagservices.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
8	securepubads.g.doubleclick.net	www.elmaelma.com securepubads.g.doubleclick.net
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
7	www.google.com	1 redirects www.elmaelma.com e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com tpc.googlesyndication.com
7	fonts.googleapis.com	www.elmaelma.com googleads.g.doubleclick.net e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com hal900029.redintelligence.net
6	fonts.gstatic.com	fonts.googleapis.com
6	s.elmaelma.com	www.elmaelma.com s.elmaelma.com
5	hal900029.redintelligence.net	1 redirects e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com hal900029.redintelligence.net
5	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	mc.yandex.com	2 redirects www.elmaelma.com
4	cdn.doubleverify.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com cdn.doubleverify.com www.elmaelma.com
4	hal9000.redintelligence.net	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com hal900029.redintelligence.net
4	www.gstatic.com	googleads.g.doubleclick.net e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	api.webgains.io	analytics.webgains.io
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	track.webgains.com	www.elmaelma.com e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	encrypted-tbn3.gstatic.com	www.elmaelma.com
2	encrypted-tbn2.gstatic.com	www.elmaelma.com
2	encrypted-tbn1.gstatic.com	www.elmaelma.com
2	ad9.adfarm1.adition.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com ad9.adfarm1.adition.com
2	imagesrv.adition.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects www.elmaelma.com
2	www.google-analytics.com	www.elmaelma.com www.google-analytics.com
2	www.elmaelma.com	www.elmaelma.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	s0.2mdn.net	ad.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	analytics.webgains.io	track.webgains.com
1	ad.doubleclick.net	www.googletagservices.com
1	www.googletagmanager.com	adv.office-partner.de
1	www.awin1.com	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
1	ad-server.eu	e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
1	adv.office-partner.de	hal900029.redintelligence.net
1	pb.media01.eu	hal900029.redintelligence.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	encrypted-tbn0.gstatic.com	www.elmaelma.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.elmaelma.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	pandg.tapad.com	pghub.io
1	ad-cdn.bilgin.pro	www.elmaelma.com
1	pghub.io	www.elmaelma.com
1	elmaelma.com	1 redirects
273	54

This site contains links to these domains. Also see Links.

Domain
www.cevapla.tv
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.elmaelma.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G2	`2020-03-16` - `2022-05-07`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.elmaelma.com/
Frame ID: 614AEDD55418F7B6CBC25CE743FEA209
Requests: 125 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=aHR0cHM6Ly93d3cuZWxtYWVsbWEuY29tLw%3D%3D&referrer_url=&page_url=https%3A%2F%2Fwww.elmaelma.com%2F&owner=P%26G&bp_id=reklam&initiator=js&data=%7B%22category%22%3A%22Anasayfa%22%2C%22page_name%22%3A%22Elmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%26%23039%3Bya%20Dair%20Her%C5%9Fey%22%7D
Frame ID: B02E9B94BE6E2786B587C089C3F61213
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 4DEE75E45CC7560457C6B930BC3D43BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5741427438444892&output=html&adk=1812271804&adf=3025194257&lmt=1650435194&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.elmaelma.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650435194236&bpp=3&bdt=754&idt=139&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8725525467337&frm=20&pv=2&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C182982000%2C182982200%2C31067163%2C21065724&oid=2&pvsid=1586909204109584&pem=656&tmod=1820491808&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156
Frame ID: CF294AC93C5FDF6BE4C37AB81912F26E
Requests: 2 HTTP requests in this frame

Frame: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E16DF7C119F7FA6DEDA3D507260ED75
Requests: 1 HTTP requests in this frame

Frame: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3EF1D8801D344585A05AE2F6814831E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3NLhD2ksmmAxi7sp_IATAB&v=APEucNUkdXToqaJOsEUTpo8SodDrVe9Qh7aESxqy4LGammXQ0bUvcKRJJ-ZWpKJa1c6kHFSS5EE5GE64l5SCk3ag4TGBZu-m40HJH3_L_-6oxBqEcEpRfJkwiWCSURb84HTb05QtTkL-GQBt4NCt-XnvlJOesNJUW9XeLukWsiVT4Z-NwZp7enA
Frame ID: 3BC490835087F4FD3873518847BCBF40
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Frame ID: D7DD74D92654DE307BC02CEED2C18AF1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8495B66A074DFFDE39E1559F21E28F29
Requests: 3 HTTP requests in this frame

Frame: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C645B4DE32EAFE6BABC370AD92AEBFA8
Requests: 20 HTTP requests in this frame

Frame: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E72868463332068BA84D4AF6C05E65D6
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A6D9168C2CC235732FD82B2C0D7515A6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNULAJJIOiwwjeA_23NOqWKSNmcqGCZmY9IgKI8LNwjUVYM86WsDdzzoWi2ck_aBWH8h61zEtYLjyXa0pYNj9gEyPWaiQVh8Rc7Ou48mBMrUGN0AQh82sC0JU45KGA_9e8dCc1zpQQPOA-FnaSbe_6q4mV9ABrOsoXT3p7ZRqZR-HuLMT60
Frame ID: 16959E95F08CE307C09C29F71BE9D5C1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE4A8812D2025E325D6DB08996DEA922
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 429AC12B9D226ABF0351BF192D733FE7
Requests: 1 HTTP requests in this frame

Frame: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A0641CFEB2D495BD222CCEE8CF582426
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 5B3419CEF8D0D3CEACC8DE025344F2A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARju0OWjATAB&v=APEucNXNUh1GwGb4fQLvrruDArcRTO1hIEA4hp9YLV92Re-xwzrP3zcqNXClCiv-WS9MtORDPd3jYg_kIjdzhrqGNXze_9TP1XxFWclDfi-ebZFCw_xOBDkFA7OJnn6he9-nsk5GlVsdKwQ_vfj_FmXVsRUjpyv1iUyMdEdNMqGAzIFmWsvf8QA
Frame ID: 16FB2E5141269A3B16D72E50CCDFC827
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 259BA54D925AEA88617FA2F3D739481E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 718893E9653F8F7BA590D257CEEDBD30
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41470700035501804444556011935029&actionid=981741&produktid=&dt_url=
Frame ID: CF668B7F88A65F69E1DE4E691338B9CF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 30C14AFC6F94A855F6902EE73907C611
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Frame ID: 681E7B4DFAF4C310CE27C7E5E524AC9A
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=86.253;sz=160x600;u_sd=1;dc_adk=2086295856;ord=gbl7dk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.elmaelma.com%2F$0;xdt=1;crlt=f8ThgUORXR;stc=1;sttr=52;prcl=s
Frame ID: 81CCC43060D4A500498EA76F304739F7
Requests: 11 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2609.js
Frame ID: 7A928CE4196778BAF401630F6AB81D27
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59D09D92975763944BBD36ADF77305F4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 8603760AF6A5683FBF07C8771926848F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73C46DAAB15CEAABEFF8DFDA11A8512D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 022B924EBFFD2DC94F5C05AB6D495110
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elmaelma.com: Magazin Astroloji Sağlık Cinsellik Moda'ya Dair Herşey

Page URL History Show full URLs

http://elmaelma.com/ HTTP 301
https://www.elmaelma.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

273
Requests

94 %
HTTPS

46 %
IPv6

29
Domains

54
Subdomains

46
IPs

10
Countries

3920 kB
Transfer

7488 kB
Size

31
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cevapla.tv/
Title: CEVAPLA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ElmaelmaCom/

Search URL Search Domain Scan URL

URL: https://twitter.com/elmaelmacom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://elmaelma.com/ HTTP 301
https://www.elmaelma.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9614.efisy7OBilA0Zya5oyx90CK8oqysw-sXGjE9oIyhZPfVTJS0bJU7A0x9YL6CojHC.1g4eDlrFKH_2Yjym4WxS-q4xy0E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9614.6MRbofnnf6pDiwlRb12Uz6vw2yPw-Dl33vQAyvhUWalCE6EPTjiM_zZsrVHxYk_z7N_1tugiZ_UPDPO80P5vZQ%2C%2C.5ewMYQy1KdEJrZkpBILTm-iubAo%2C

Request Chain 96

https://mc.yandex.com/watch/17045821?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1067446021874%3Ahid%3A322321896%3Az%3A0%3Ai%3A20220420061314%3Aet%3A1650435194%3Ac%3A1%3Arn%3A138477797%3Arqn%3A1%3Au%3A1650435194777626090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650435192755%3Ads%3A13%2C91%2C44%2C47%2C576%2C0%2C%2C394%2C5%2C%2C%2C%2C1181%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650435194%3At%3AElmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%27ya%20Dair%20Her%C5%9Fey&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/17045821/1?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1067446021874%3Ahid%3A322321896%3Az%3A0%3Ai%3A20220420061314%3Aet%3A1650435194%3Ac%3A1%3Arn%3A138477797%3Arqn%3A1%3Au%3A1650435194777626090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650435192755%3Ads%3A13%2C91%2C44%2C47%2C576%2C0%2C%2C394%2C5%2C%2C%2C%2C1181%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650435194%3At%3AElmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%27ya%20Dair%20Her%C5%9Fey&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

Request Chain 175

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Request Chain 177

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Request Chain 204

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=41470700035501804444556011935029&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41470700035501804444556011935029&actionid=981741&produktid=&dt_url=

Request Chain 208

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=41470700035501804444556011935029 HTTP 302
https://ad-server.eu/wm/pb/native.png

273 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elmaelma.com/
Redirect Chain

http://elmaelma.com/
https://www.elmaelma.com/

128 KB
18 KB

148ms
44ms

Document
text/html

195.142.106.235
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.142.106.235 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-106-235.rdns.saglayici.net
Software: nginx /
Resource Hash: 97d9659238233219d075c63788a25d353b5f23c685deb6a78016340e21d9728d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:13:13 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-lb-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 20 Apr 2022 06:13:12 GMT
Location: https://www.elmaelma.com/
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 150ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400|Roboto+Slab:300,400,700&subset=latin-ext

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a6bd6a1403f2f4330eb96f7f1cfb93d9eeb41f2ce808404e4e3f749ce68bca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 1020 B
480 B 150ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rozha+One&subset=latin-ext

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc93509300e319702d67a64996ed2504b01dc0b89c66225dbb67f08e39bf2f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:13 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 150ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:13 GMT

GET
H2 200 app.8477f3ee577f53075d09ce197a0d45eb.css
s.elmaelma.com/assets/web/css/ 383 KB
68 KB 136ms
35ms Stylesheet
text/css 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://s.elmaelma.com/assets/web/css/app.8477f3ee577f53075d09ce197a0d45eb.css
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 513075c25dadcac18e3cd39bf9850c08d5bb8e87a2a5576d481d11ff5695c7f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: W/"6193c14e-5fbe7"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
x-rocket-mastercachestatus: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 137ms
50ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28514
x-xss-protection: 0
server: sffe
etag: "1191 / 533 of 1000 / last-modified: 1650405960"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Apr 2022 06:13:13 GMT

GET
H2 200 app.3045a8fff8d961103bb67d75516a0416.js Show response
s.elmaelma.com/assets/web/js/ 556 KB
186 KB 136ms
35ms Script
application/javascript 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9d20263638e46c47e2751e0414eb813e85a4992d3f2589410e70fc8abb5f5a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: W/"6193c14e-8b048"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
x-rocket-mastercachestatus: HIT

GET
H2 200 vue-components.db64945a08192a782471.js Show response
s.elmaelma.com/assets/web/js/ 114 KB
46 KB 24ms
20ms Script
application/javascript 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://s.elmaelma.com/assets/web/js/vue-components.db64945a08192a782471.js
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 4fcf21e29b1f485760a494f777776c007ecf328d3482b3e9ee288afbe60a0de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: W/"6193c14e-1c91c"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
x-rocket-mastercachestatus: REVALIDATED

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 179ms
78ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c6beaf8da49cb08065194281f79205e5af4a96b5fcafb1724534c5aaf0c4f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50083
x-xss-protection: 0
server: cafe
etag: 14880687224542599568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 06:13:13 GMT

GET
H2 200 logo.png
www.elmaelma.com/assets/web/img/ 3 KB
4 KB 51ms
45ms Image
image/png 195.142.106.235
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elmaelma.com/assets/web/img/logo.png
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.142.106.235 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-106-235.rdns.saglayici.net
Software: nginx /
Resource Hash: 34fef3b12c824d95dd145ecee83e4b263f553bdae4c9ccee5ba3277e72961851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
server: nginx
etag: "6193c14e-de7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3559
expires: Fri, 20 May 2022 06:13:13 GMT

GET
H2 200 esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
i.elmaelma.com/2/47/26/storage/files/images/2019/08/03/ 2 KB
2 KB 183ms
135ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/47/26/storage/files/images/2019/08/03/esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 80bfafc2de8e93900f248bf0ed8223d814b8838c63da67d33ae19ad977ea1067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
i.elmaelma.com/2/47/26/storage/files/images/2019/06/21/ 2 KB
2 KB 180ms
133ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/47/26/storage/files/images/2019/06/21/evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: f4bc9245dcd96e92ee26645a75ae0c5591822c618dac0f3972948bac135cd295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 shabby-chic-ePQz_cover.jpg
i.elmaelma.com/2/47/26/storage/files/images/2018/04/18/ 2 KB
2 KB 67ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/47/26/storage/files/images/2018/04/18/shabby-chic-ePQz_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e26e78d14a1f6e76420078d87b8a5d0b08fb9d08dfcbedd8868f057cbf8f879a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
i.elmaelma.com/2/47/26/storage/files/images/2019/01/24/ 2 KB
3 KB 67ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/47/26/storage/files/images/2019/01/24/evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: dbc5370d2955197ecbf996f6b4ee3b2cf2111e06e538795d5dfa53a6a50d107d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kuymak-nasil-yapilir-IGV2_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/11/18/ 2 KB
2 KB 67ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/11/18/kuymak-nasil-yapilir-IGV2_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: df6079cde1a55be2c7d4aaf0a55d29acc6ef289bb331b26580d3e9a2385b29f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/02/15/ 2 KB
2 KB 66ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/02/15/cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: de3f3898168160297416b58048ed0a3a399ad59675aff3a0bfc362036d164f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/10/28/ 2 KB
2 KB 20ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/10/28/domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e669a4fb990bb1d2091ea90ff0c5a38e45be731b5ca32f5a55fcb74422d6faca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 burclarin-cinsellik-sirlari-ve-bur-t8nB_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2018/08/31/ 50 KB
51 KB 20ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2018/08/31/burclarin-cinsellik-sirlari-ve-bur-t8nB_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 27237ce50d795e35168b420d798cc3aa1280b69ecb6f7a37ba7bbb010e03d268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 elif-beyza-akkaya-Rl37.jpg
i.elmaelma.com/2/90/90/storage/files/images/2018/08/31/ 5 KB
5 KB 21ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/90/90/storage/files/images/2018/08/31/elif-beyza-akkaya-Rl37.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 76681018115e98a14b1660f94a3160894203c574c4223211dd39ff2f4ee6412c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 hande-kazanova-10-16-subat-haftali-dRuS_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2020/02/06/ 50 KB
50 KB 22ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2020/02/06/hande-kazanova-10-16-subat-haftali-dRuS_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: aee11cb9c2a4e0a7af85fa457482027525c01eb057b07e603f1987a851bc3d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 hande-kazanova-subat-ayi-burc-yorum-EcLk_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2020/01/29/ 49 KB
50 KB 24ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2020/01/29/hande-kazanova-subat-ayi-burc-yorum-EcLk_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 1c9847d928c7b4266a3575c3620489ba7c49dfb44fbded6fc6c2850625d06539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 1519898554-uiqE.jpg
i.elmaelma.com/2/90/90/storage/files/images/2018/03/01/ 6 KB
6 KB 23ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/90/90/storage/files/images/2018/03/01/1519898554-uiqE.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 3afe5b37e9693f3b2ffd375c86cddeb079d1251b0572d8a9347359168d040e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 121-ypmP_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2020/01/16/ 48 KB
49 KB 22ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2020/01/16/121-ypmP_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 68f095452145b7375f0656b0530c905f47a6b401acc865d57fa78a03b43f480a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 hande-kazanova-ile-23-29-aralik-haf-SVhF_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2019/12/19/ 43 KB
43 KB 22ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2019/12/19/hande-kazanova-ile-23-29-aralik-haf-SVhF_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 74b3282e04442aa829b8049beb777383a41c169589156975fca2149e12616585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 123456-SJGU_cover.jpg
i.elmaelma.com/2/482/271/storage/files/images/2019/12/12/ 81 KB
81 KB 136ms
133ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/482/271/storage/files/images/2019/12/12/123456-SJGU_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: f0649a4b0d1dcca5568f20434ffaba4d6361deb6e2a0ca99bcd9e3e7597272d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 uzum-cekirdeginin-faydalari-nel-epHk_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/07/19/ 2 KB
2 KB 136ms
134ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/07/19/uzum-cekirdeginin-faydalari-nel-epHk_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 68555ecbc377dc3060315a377ffc1ff7b7097e3cd9558f2de6ac5344f58d882c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 avokadolu-kahvaltilik-tarifi-yaz-ka-vQnD_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/06/27/ 3 KB
3 KB 27ms
24ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/06/27/avokadolu-kahvaltilik-tarifi-yaz-ka-vQnD_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 8290eab7f533c21a79f48f071122926dd05f06f596822c52e4ded95b1b84606e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kisin-makyaj-nasil-yapilir1-GzF9_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/11/27/ 2 KB
2 KB 26ms
26ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/11/27/kisin-makyaj-nasil-yapilir1-GzF9_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: acd7f32d5229331fceb52728d39f9bf76cd799515e6d004aaf67938a6f984306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 hande-busra-koca-zLl1.jpg
i.elmaelma.com/2/70/70/storage/files/images/2018/09/04/ 5 KB
5 KB 29ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2018/09/04/hande-busra-koca-zLl1.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 10bfa52d7ff659168e4e833d9a897adf2fa9ec60767afae6e02a42b15575a16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 ekran-resmi-2020-01-30-12-wwbJ.png
i.elmaelma.com/2/70/70/storage/files/images/2020/01/30/ 13 KB
13 KB 30ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2020/01/30/ekran-resmi-2020-01-30-12-wwbJ.png
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 14ca2ac196e3cf1c667b025d19beee491f7350c557d298be2b026352cc55364b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 1514552903-GdI8.jpg
i.elmaelma.com/2/70/70/storage/files/images/2017/12/29/ 3 KB
3 KB 23ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2017/12/29/1514552903-GdI8.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: b88b9f1a80ea588d9da0172ed2684b674e7c2ae08507259ea7b41b80ea071c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 1517407455-R4WW.jpg
i.elmaelma.com/2/70/70/storage/files/images/2018/01/31/ 4 KB
4 KB 22ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2018/01/31/1517407455-R4WW.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 9eecabfbdebddc882011fec3e5da17d7d81b355d05c649ecb64e61b53cdf8666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 1516802151-jwJS.jpg
i.elmaelma.com/2/70/70/storage/files/images/2018/01/24/ 4 KB
5 KB 21ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2018/01/24/1516802151-jwJS.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 6ebf524018d437220bab0ac5c2ac3ec328ae2e551069c2b4abb62a83a3e9be08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 1514962693-GQbR.jpg
i.elmaelma.com/2/70/70/storage/files/images/2018/01/03/ 3 KB
3 KB 21ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2018/01/03/1514962693-GQbR.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: a260efae34c6f756af91d53b1099e059a49ae31d62f9638df78fd62b86dc8c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 armagan-karagoz-ryHN.jpg
i.elmaelma.com/2/70/70/storage/files/images/2018/11/12/ 5 KB
6 KB 21ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2018/11/12/armagan-karagoz-ryHN.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e948e7b4658ace30435360d88a604daadce866c5038ee5f2f3bed099069dc503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 basak-YKln.jpg
i.elmaelma.com/2/70/70/storage/files/images/2019/01/28/ 3 KB
3 KB 180ms
178ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/70/70/storage/files/images/2019/01/28/basak-YKln.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 2f02be6bfd578332a5335af0932b784bf9d86e0e43b21ca9c920d3bc2445da76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 bu-cay-eklem-ve-kas-agrilarini-yo-EuOi_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/04/01/ 2 KB
3 KB 25ms
24ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/04/01/bu-cay-eklem-ve-kas-agrilarini-yo-EuOi_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 03aa0dde082c255531c198ee77556b42bbce69712bc45cecd85ad281e4aaa6ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 cildi-guzellestirmenin-sirri-bu-k-OxTk_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/03/11/ 3 KB
3 KB 25ms
25ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/03/11/cildi-guzellestirmenin-sirri-bu-k-OxTk_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: da87dd5d2019fbcc3c241eed991710d8ca5f9600e91512fa232ee32b05a33d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 staycation-ne-demek-8klL_cover.jpg
i.elmaelma.com/2/57/37/storage/files/images/2019/04/03/ 2 KB
3 KB 25ms
25ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/57/37/storage/files/images/2019/04/03/staycation-ne-demek-8klL_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: c76fbbc1866517cac79cea6cfdd2090958cd6cbfad01a64b5b4b38b018036d7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 bensu-soral-koton-koleksiyonu-bvQ5_cover.jpg
i.elmaelma.com/2/36/21/storage/files/images/2019/03/25/ 1 KB
2 KB 24ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/36/21/storage/files/images/2019/03/25/bensu-soral-koton-koleksiyonu-bvQ5_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 804b801fcbc9f64eb77eabbd879c1ba056288700da3d47f14b6e9cb1d143289b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 1-V3tw_cover.jpg
i.elmaelma.com/2/36/21/storage/files/images/2019/03/19/ 1 KB
2 KB 24ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/36/21/storage/files/images/2019/03/19/1-V3tw_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 8b4cf260d8dc0839fe4bfc09511e4774e91c721881191c2efe1689d64b8f4d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kuru-sampuan-K6oe_cover.jpg
i.elmaelma.com/2/40/23/storage/files/images/2019/03/19/ 1 KB
2 KB 24ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/40/23/storage/files/images/2019/03/19/kuru-sampuan-K6oe_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 178c18dced013b982f3a9636ce96697f20d56d425ecd8df93733e2bf69c7cbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 penti-sevgililer-gunu-koleksiyonu-nD9w_cover.jpg
i.elmaelma.com/2/80/45/storage/files/images/2019/01/28/ 3 KB
3 KB 18ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/80/45/storage/files/images/2019/01/28/penti-sevgililer-gunu-koleksiyonu-nD9w_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 1ded674e7eb84b505a2e5ef4ce05518ddcc427ca969c5bd7e848b164f1d9dd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 45-1GQM_cover.jpg
i.elmaelma.com/2/40/25/storage/files/images/2019/01/02/ 2 KB
2 KB 136ms
136ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/40/25/storage/files/images/2019/01/02/45-1GQM_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e0803041184b115ebea7624d83ec901d22302e0ddc36a25beaad195532cc44af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 dmxnetwork-derin-mermerci-network-HRDG_cover.jpg
i.elmaelma.com/2/40/25/storage/files/images/2018/12/11/ 1 KB
2 KB 137ms
136ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/40/25/storage/files/images/2018/12/11/dmxnetwork-derin-mermerci-network-HRDG_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 89eb9498cf00caf0bf174ef3380a222cccd8d42f0abfa7b013d08c4b4cfe6471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 ekran-resmi-2018-12-03-12-pRSA_cover.png
i.elmaelma.com/2/40/25/storage/files/images/2018/12/03/ 3 KB
4 KB 21ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/40/25/storage/files/images/2018/12/03/ekran-resmi-2018-12-03-12-pRSA_cover.png
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 8b993ca96610c8fd0d3fea7397e5b68dc0ce2e9753d5be3dd9f6e7cdec69682c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 ekran-resmi-2018-12-03-12-pRSA_cover.png
i.elmaelma.com/2/50/25/storage/files/images/2018/12/03/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/12/03/ekran-resmi-2018-12-03-12-pRSA_cover.png
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: d4e12e1b21babbc97599c9bcdfc242374396f15666715038a17fcd2056f878f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 swarovski-FjRy.jpg
i.elmaelma.com/2/20/20/storage/files/images/2018/12/03/ 659 B
1 KB 19ms
17ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/20/20/storage/files/images/2018/12/03/swarovski-FjRy.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: be87962252c963d22162edf217c236155e21ef1fd1e2e3acf761cd5f040d6da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kisin-bu-meyvleri-kesin-tuketin-FBIf_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/12/01/ 3 KB
3 KB 137ms
137ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/12/01/kisin-bu-meyvleri-kesin-tuketin-FBIf_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: bf44bb2e4a68bc3d36bc60f92c9f0e0e719fb6f1f43f6ca7fc8c16fce2253b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 cikolatali-pisi-nasil-yapilir-7U6i_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/06/28/ 2 KB
2 KB 18ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/06/28/cikolatali-pisi-nasil-yapilir-7U6i_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 38111da64fd8b8d94f4ffb3abacb633dd076c74e1ab4e32fcbc316b386f6f5c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 bebeklerde-reflu-hastaligi-nasil-aIxo_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/04/17/ 2 KB
2 KB 183ms
183ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/04/17/bebeklerde-reflu-hastaligi-nasil-aIxo_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 03ac4e2025fbf324db37efc7415bd90fffd2c09f60e4be109143c0bc185b98e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 kas-dokulmesi-nasil-onlenir-oDW8_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/11/17/ 2 KB
2 KB 20ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/11/17/kas-dokulmesi-nasil-onlenir-oDW8_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 0fb2a2ebd521fe700af476d8bd34faf2aa725a460a16f7a82e7f12ce63b0ee0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kis-dekorasyonu-nasil-yapilir-ahs-9wPY_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/12/12/ 2 KB
2 KB 137ms
136ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/12/12/kis-dekorasyonu-nasil-yapilir-ahs-9wPY_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 1e0f08fd429042ce735512cd591869310cf63adbbca8511521f58c1cb653bb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 pirinc-unu-maskesiyle-gozenekleri-NTaB_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/05/24/ 2 KB
2 KB 18ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/05/24/pirinc-unu-maskesiyle-gozenekleri-NTaB_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 686423324a5d0b5a38b1a8bd18bc43ea91bc1bb9ca7cd5833dabb73dc8e073f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kirpik-dokulmesine-ne-iyi-gelir-uYma_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/06/26/ 2 KB
2 KB 21ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/06/26/kirpik-dokulmesine-ne-iyi-gelir-uYma_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: ab19951257cf50b89529dbcefce5af7c2ddcc1daaaffe38316d3372be33f718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 talasemi-hastaligi-hakkinda-dogru-Qokn_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/05/07/ 2 KB
2 KB 22ms
22ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/05/07/talasemi-hastaligi-hakkinda-dogru-Qokn_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 128ade407c55a538ffb6d5af6de0cbef2fdef01fef8d16360240cf4697aebb81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 atom-icecek-tarifi-arda-ENLt_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/05/18/ 2 KB
2 KB 19ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/05/18/atom-icecek-tarifi-arda-ENLt_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e818950d539dd9963c6f6f6b060163ebc0696b4e7f2c81f665b3170d71846d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 ilkbaharda-cilt-bakimi-nasil-olmal-lfO9_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2020/03/16/ 1 KB
2 KB 22ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2020/03/16/ilkbaharda-cilt-bakimi-nasil-olmal-lfO9_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: fb3bac0c52ef162a704a0a74cd9e37e311103005124030c5bc4d219ce520aec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 yam-sebzesinin-faydalari-neler-NwTq_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/08/27/ 2 KB
2 KB 22ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/08/27/yam-sebzesinin-faydalari-neler-NwTq_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 34672c86118a6cec989d7edf6c5db3810d5617f283fd2e94ded1e7f3a993f808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 cocuklarda-kekemelik-neden-olur-h-TatF_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/09/24/ 2 KB
2 KB 22ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/09/24/cocuklarda-kekemelik-neden-olur-h-TatF_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 84c7d49eca9a81d9880567011ca3fbc46b6afb34f821bc03fe614fbc3434e821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kahvalti-sofralari-icin-cemen-yap-mRyY_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/08/09/ 2 KB
3 KB 19ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/08/09/kahvalti-sofralari-icin-cemen-yap-mRyY_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: d5a51eb772589ecd0b726a4c111a17140110194c21859e1ee4becfb439db9cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 goz-fari-nasil-surulur-birden-fazla-gwDp_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2021/01/18/ 2 KB
2 KB 22ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2021/01/18/goz-fari-nasil-surulur-birden-fazla-gwDp_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e7f96d9a81e506190b18b380959c64676b9fe12f8558ee1dc9845bd1eb4b08c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 mahlebin-faydalari-hangi-hastalikla-MXvn_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/03/12/ 2 KB
3 KB 22ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/03/12/mahlebin-faydalari-hangi-hastalikla-MXvn_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: eb99c09ba04abd753cb6f158d57b9290247fe2aeb5339e3e63ce7b13e1550965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 cagla-meyvesinin-faydalari-neler-6TMR_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/03/15/ 2 KB
2 KB 23ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/03/15/cagla-meyvesinin-faydalari-neler-6TMR_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: f123517614a23c259dc5dc7380004021b48f08b06a942570d7fc1dfc44a5b67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: HIT
x-rocket-cachestatus: HIT

GET
H2 200 1521715744-Dzr3_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/03/22/ 2 KB
3 KB 20ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/03/22/1521715744-Dzr3_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 9fadf00f2dfad3c14e5973e9981dd926422180dbef36161fed90ef5982d16416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 makyajsiz-0v9e-cover-lVmA_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/05/21/ 2 KB
2 KB 138ms
134ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/05/21/makyajsiz-0v9e-cover-lVmA_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: f3be4c157abf98d150c570328cd7482f2cb603ed760a2c5dbcfcd49379c58417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 evde-guzellik-salonuna-gitmeden-ci-0c0M_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/08/02/ 2 KB
2 KB 23ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/08/02/evde-guzellik-salonuna-gitmeden-ci-0c0M_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 7702e019432c69fab9ddd631a39aa769521f7733d5b4659013c9b10512f5b459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 cocuk-odasi-dekorasyon-ornekleri-di-US5P_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/03/16/ 2 KB
3 KB 23ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/03/16/cocuk-odasi-dekorasyon-ornekleri-di-US5P_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: f4c2d1d185295d83ccfb08513e2e8965be79b56b140043214679ac833fc44cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kitaplik-6hK1_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/10/05/ 2 KB
2 KB 23ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/10/05/kitaplik-6hK1_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: b24c4f439666f521a8d1597c6b6c7b9c5f0855680bd7d58f09fa146e494834a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 vejeteryan-beslenme-nasil-olmali-ce-HYrw_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/01/06/ 2 KB
3 KB 20ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/01/06/vejeteryan-beslenme-nasil-olmali-ce-HYrw_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: ebcba80a7cd453e1b38a3d00192b5e4f91ed91a028bf8ce70bb14ad391f18944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 yagli-cilt-tipi-olanlar-icin-etkili-dGRc_vertical.jpg
i.elmaelma.com/2/37/49/storage/files/images/2019/10/28/ 2 KB
3 KB 20ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/37/49/storage/files/images/2019/10/28/yagli-cilt-tipi-olanlar-icin-etkili-dGRc_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 3037d6b64ce21ee3826e508de0c2c66e2d483f04247148e15d8df9496f27cfbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 tene-koyu-gelen-fondoten-nasil-ac-MPaY_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2019/08/31/ 2 KB
2 KB 20ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2019/08/31/tene-koyu-gelen-fondoten-nasil-ac-MPaY_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 1eb8ee0043a412b0171b320e61aebf26e21d9731b910bd39477b26a686976a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 cocuklarinizin-yaninda-tartismakt-koEP_cover.jpg
i.elmaelma.com/2/50/25/storage/files/images/2018/11/27/ 2 KB
2 KB 28ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/50/25/storage/files/images/2018/11/27/cocuklarinizin-yaninda-tartismakt-koEP_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 87d2266d8c3c97f745993d5ccbd564303974fd1afd54fad845babc99c7ee1337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:14 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 jquery.lazy.min.js Show response
s.elmaelma.com/assets/web/js/ 5 KB
3 KB 36ms
36ms Script
application/javascript 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://s.elmaelma.com/assets/web/js/jquery.lazy.min.js
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: W/"6193c14e-139e"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
x-rocket-mastercachestatus: HIT

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 121ms
32ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:13:38 GMT
content-encoding: gzip
age: 3575
x-guploader-uploadid: ADPycdsSAV_NL-Tm0HWPkh8RRxBgMPC5Hftl3QPWIqFeJuB6zSi9OCA4sj1RNndo6dFyBVfgkWhbMfpLJsQgf4BCCNaVGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3690
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
server: UploadServer
etag: "1f39af8c4109e6a95d6895228aab0692"
vary: Accept-Encoding
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation: 1649178504809914
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3690
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 144ms
46ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6962
date: Wed, 20 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 20 Apr 2022 06:17:11 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 140ms
64ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-c59f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50591
expires: Wed, 20 Apr 2022 07:13:13 GMT

GET
H2 200 ad-3.0.8.lazy.beta.min.js Show response
ad-cdn.bilgin.pro/app/ 24 KB
9 KB 117ms
28ms Script
application/javascript 195.142.105.24
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
content-encoding: gzip
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-rocket-cachestatus: HIT
last-modified: Thu, 09 Dec 2021 09:52:43 GMT
x-rocket-mastercachestatus: HIT

GET
H2 200 makyaj-manset-9OTf_cover.jpg
i.elmaelma.com/2/700/345/storage/files/images/2018/10/02/ 95 KB
95 KB 21ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/700/345/storage/files/images/2018/10/02/makyaj-manset-9OTf_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 0a4960c9e214dd310a6f054ad4cca8c0245e4502fff5db7c5da402aae7ac0a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 vakti-olmayan-annelere-guzellik-o-QUZ6_cover.jpg
i.elmaelma.com/2/290/165/storage/files/images/2019/07/30/ 21 KB
21 KB 21ms
21ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/290/165/storage/files/images/2019/07/30/vakti-olmayan-annelere-guzellik-o-QUZ6_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: feb097fa48c73120eeced80f7b1178786f4fa81f7658b75b992d66e4f5a7ea69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: EXPIRED
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 hayit-tohumunun-faydalari-neler-DHwK_vertical.jpg
i.elmaelma.com/2/190/345/storage/files/images/2019/08/14/ 32 KB
32 KB 24ms
23ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/190/345/storage/files/images/2019/08/14/hayit-tohumunun-faydalari-neler-DHwK_vertical.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 1917ed23359e091a72ea75e6a781db2a66ce6903d0c653d62232fd9c5df05ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 sigil-neden-cikar-tedavisi-nasil-ol-iRaN_cover.jpg
i.elmaelma.com/2/290/165/storage/files/images/2018/09/09/ 17 KB
18 KB 21ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/290/165/storage/files/images/2018/09/09/sigil-neden-cikar-tedavisi-nasil-ol-iRaN_cover.jpg
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 8da2484b2ff3cd7ffe4537fdea1ad27d3425d6aec39b9f9818292f532e78b7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 sprite.png
s.elmaelma.com/assets/web/design/ 64 KB
64 KB 19ms
19ms Image
image/png 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.elmaelma.com/assets/web/design/sprite.png
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/css/app.8477f3ee577f53075d09ce197a0d45eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 0bfd490798e0f2624a8dfcc9c2f3d24b4195790b36bd605fef09cedbc8e64551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.elmaelma.com/assets/web/css/app.8477f3ee577f53075d09ce197a0d45eb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: "6193c14e-ffd2"
x-rocket-cachestatus: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
accept-ranges: bytes
content-length: 65490
x-rocket-mastercachestatus: UPDATING

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v126/ 121 KB
122 KB 203ms
111ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v126/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elmaelma.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 18:57:23 GMT
x-content-type-options: nosniff
age: 126950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124372
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:26:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:57:23 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v22/ 32 KB
32 KB 146ms
54ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400|Roboto+Slab:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elmaelma.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:02:38 GMT
x-content-type-options: nosniff
age: 635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:13:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 06:02:38 GMT

GET
H2 200 icomoon.ttf
s.elmaelma.com/assets/web/fonts/ 4 KB
5 KB 56ms
18ms Font
application/octet-stream 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://s.elmaelma.com/assets/web/fonts/icomoon.ttf?rt4o8l1
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/css/app.8477f3ee577f53075d09ce197a0d45eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6dbefee9c7265e8dc7e98b8fb73e78c96527fc9ceacececb813eefab7ab8a5a5

Request headers

Referer: https://s.elmaelma.com/assets/web/css/app.8477f3ee577f53075d09ce197a0d45eb.css
Origin: https://www.elmaelma.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:13 GMT
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
etag: "6193c14e-11c8"
x-rocket-cachestatus: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:13 GMT
cache-control: max-age=2592000
last-modified: Tue, 16 Nov 2021 14:33:50 GMT
accept-ranges: bytes
content-length: 4552
x-rocket-mastercachestatus: HIT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v22/ 19 KB
19 KB 125ms
45ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400|Roboto+Slab:300,400,700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cda92988f0d5d1528552e91f81f6e825572fe78f8294a79c4d1f67a57fe605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elmaelma.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 07:29:51 GMT
x-content-type-options: nosniff
age: 427402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19008
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:13:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 07:29:51 GMT

GET
H2 200 tag Show response
pandg.tapad.com/ Frame B02E 13 B
253 B 131ms
47ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=aHR0cHM6Ly93d3cuZWxtYWVsbWEuY29tLw%3D%3D&referrer_url=&page_url=https%3A%2F%2Fwww.elmaelma.com%2F&owner=P%26G&bp_id=reklam&initiator=js&data=%7B%22category%22%3A%22Anasayfa%22%2C%22page_name%22%3A%22Elmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%26%23039%3Bya%20Dair%20Her%C5%9Fey%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Wed, 20 Apr 2022 06:13:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 44ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Apr 2023 22:36:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 171 B
139 B 94ms
48ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.elmaelma.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

63680c57bea5fbfad5a4b9e3bff4450d41d8fd58c9cda9af9e6d96cf78e00691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:14 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 97ms
47ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1472713816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elmaelma.com%2F&ul=en-us&de=UTF-8&dt=Elmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%27ya%20Dair%20Her%C5%9Fey&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1342804320&gjid=380593443&cid=1180536202.1650435194&tid=UA-24361446-1&_gid=1024319101.1650435194&_r=1&_slc=1&z=844605120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elmaelma.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9614.efisy7OBilA0Zya5oyx90CK8oqysw-sXGjE9oIyhZPfVTJS0bJU7A0x9YL6CojHC.1g4eDlrFKH_2Yjym4WxS-q4xy0E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9614.6MRbofnnf6pDiwlRb12Uz6vw2yPw-Dl33vQAyvhUWalCE6EPTjiM_zZsrVHxYk_z7N_1tugiZ_UPDPO80P5vZQ%2C%2C.5ewMYQy1KdEJrZkpBILTm-iubAo%2C

75 B
75 B

32ms
31ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9614.6MRbofnnf6pDiwlRb12Uz6vw2yPw-Dl33vQAyvhUWalCE6EPTjiM_zZsrVHxYk_z7N_1tugiZ_UPDPO80P5vZQ%2C%2C.5ewMYQy1KdEJrZkpBILTm-iubAo%2C

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9614.6MRbofnnf6pDiwlRb12Uz6vw2yPw-Dl33vQAyvhUWalCE6EPTjiM_zZsrVHxYk_z7N_1tugiZ_UPDPO80P5vZQ%2C%2C.5ewMYQy1KdEJrZkpBILTm-iubAo%2C
date: Wed, 20 Apr 2022 06:13:14 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 load Show response
ad.bilgin.pro/ 6 KB
2 KB 184ms
75ms XHR
text/html 195.142.109.125
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 863ff90e08af499fa43fcaa2a708566c31b0025327b2e38ae95b460f5f99167d

Request headers

Referer: https://www.elmaelma.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 40ms
39ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 07:13:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 303 KB
108 KB 63ms
62ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5741427438444892&plah=www.elmaelma.com&bust=31067163

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e68916f94a7c4d63f13173e139a8a500ebd58c1ebbe85f4dcc2e664c91f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110910
x-xss-protection: 0
server: cafe
etag: 17711078589388899673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 06:13:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 4DEE 10 KB
5 KB 131ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 20:59:15 GMT
etag: 14837630671339829333
expires: Tue, 03 May 2022 20:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 66ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24361446-1&cid=1180536202.1650435194&jid=1342804320&gjid=380593443&_gid=1024319101.1650435194&_u=IEBAAEAAAAAAAC~&z=1288209428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elmaelma.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Apr 2022 06:13:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/17045821/
Redirect Chain

https://mc.yandex.com/watch/17045821?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/17045821/1?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8...

338 B
420 B

32ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/17045821/1?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1067446021874%3Ahid%3A322321896%3Az%3A0%3Ai%3A20220420061314%3Aet%3A1650435194%3Ac%3A1%3Arn%3A138477797%3Arqn%3A1%3Au%3A1650435194777626090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650435192755%3Ads%3A13%2C91%2C44%2C47%2C576%2C0%2C%2C394%2C5%2C%2C%2C%2C1181%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650435194%3At%3AElmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%27ya%20Dair%20Her%C5%9Fey&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e79a1aca2bb28101b80afa699406e693890ffc8b89b370d918bb5f58828eaa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 20-Apr-2022 06:13:14 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elmaelma.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Wed, 20-Apr-2022 06:13:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
last-modified: Wed, 20-Apr-2022 06:13:14 GMT
location: /watch/17045821/1?wmode=7&page-url=https%3A%2F%2Fwww.elmaelma.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A1143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1067446021874%3Ahid%3A322321896%3Az%3A0%3Ai%3A20220420061314%3Aet%3A1650435194%3Ac%3A1%3Arn%3A138477797%3Arqn%3A1%3Au%3A1650435194777626090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650435192755%3Ads%3A13%2C91%2C44%2C47%2C576%2C0%2C%2C394%2C5%2C%2C%2C%2C1181%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650435194%3At%3AElmaelma.com%3A%20Magazin%20Astroloji%20Sa%C4%9Fl%C4%B1k%20Cinsellik%20Moda%27ya%20Dair%20Her%C5%9Fey&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.elmaelma.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 20-Apr-2022 06:13:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 147ms
57ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24361446-1&cid=1180536202.1650435194&jid=1342804320&_u=IEBAAEAAAAAAAC~&z=1025460686

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 139ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24361446-1&cid=1180536202.1650435194&jid=1342804320&_u=IEBAAEAAAAAAAC~&z=1025460686

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
416 B 43ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elmaelma.com&callback=_gfp_s_&client=ca-pub-5741427438444892

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5741427438444892&plah=www.elmaelma.com&bust=31067163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd80ccb16ca60c8d2244078eee4477798e6251e0d773dc543e934c0b753cb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elmaelma.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
45ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elmaelma.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF29 156 KB
44 KB 456ms
409ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5741427438444892&output=html&adk=1812271804&adf=3025194257&lmt=1650435194&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.elmaelma.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650435194236&bpp=3&bdt=754&idt=139&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8725525467337&frm=20&pv=2&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C182982000%2C182982200%2C31067163%2C21065724&oid=2&pvsid=1586909204109584&pem=656&tmod=1820491808&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a60f3ec98e8e7b825d2064021c9ac2daafe8f3edd61070401579fa414e4493be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44822
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Wed, 20 Apr 2022 06:13:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
36 KB 556ms
555ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1586909204109584&correlator=44249700654911&eid=31065714%2C21065724%2C31065518&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=87008377%2Celmaelma_dekstop%2Cmasthead&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C320x50%7C960x250%7C980x100%7C980x250%7C970x250%7C970x90&fluid=0%2Cheight&ifi=2&adks=3603044478%2C3857186176&sfv=1-0-38&ecs=20220420&ists=2&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650435194437&lmt=1650435194&dlt=1650435193482&idt=783&biw=1600&bih=1200&adxs=-9%2C320&adys=-9%2C120&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.elmaelma.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1600x0&msz=0x-1%7C1600x0&fws=2%2C4&ohw=0%2C1600&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=true&btvi=-1%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f2564b7acf0601f61c5564bf89065864028ad1a49e03b295d552a55fd72656c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36437
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 258ms
258ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1586909204109584&correlator=44249700654911&eid=31065714%2C21065724%2C31065518&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=87008377%2Celmaelma_dekstop%2C300x250_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=200x200%7C250x250%7C300x250&ifi=4&adks=908445770&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650435194446&lmt=1650435194&dlt=1650435193482&idt=783&biw=1600&bih=1200&adxs=283&adys=933&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.elmaelma.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=200x0&msz=200x0&fws=0&ohw=0&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7ea7243716d2eb40734ad1879ed1eef4577e468408bce4886b7a197cf1eec2d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8859
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 687ms
687ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1586909204109584&correlator=44249700654911&eid=31065714%2C21065724%2C31065518&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=87008377%2Celmaelma_dekstop%2Csol_160x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600&fluid=height&ifi=5&adks=3604206393&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650435194449&lmt=1650435194&dlt=1650435193482&idt=783&biw=1600&bih=1200&adxs=20&adys=95&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.elmaelma.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=516&ohw=160&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e857fdca2a47e485f2202610b21bc1ac7ed1e4fd1d6c5db4fa79ebcbc3cce7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9011
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 822ms
821ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1586909204109584&correlator=44249700654911&eid=31065714%2C21065724%2C31065518&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=87008377%2Celmaelma_dekstop%2Csag_160x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=6&adks=3153433976&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650435194451&lmt=1650435194&dlt=1650435193482&idt=783&biw=1600&bih=1200&adxs=1420&adys=95&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.elmaelma.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=516&ohw=160&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

369425d5374cfb9bc86275fbf5d1c2bc919725c5bca1f9b12e6d32dc8326be0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11234
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elmaelma.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E16 6 KB
4 KB 160ms
46ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Thu, 20 Apr 2023 06:13:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3EF 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Thu, 20 Apr 2023 06:13:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BC4 624 B
300 B 66ms
66ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3NLhD2ksmmAxi7sp_IATAB&v=APEucNUkdXToqaJOsEUTpo8SodDrVe9Qh7aESxqy4LGammXQ0bUvcKRJJ-ZWpKJa1c6kHFSS5EE5GE64l5SCk3ag4TGBZu-m40HJH3_L_-6oxBqEcEpRfJkwiWCSURb84HTb05QtTkL-GQBt4NCt-XnvlJOesNJUW9XeLukWsiVT4Z-NwZp7enA

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Wed, 20 Apr 2022 06:13:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C3EF 14 KB
10 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2gjE7iyK7ihFya-1VDWi35kjPnpoTLS-fZIfUfKxH4d1vkl979aQpOFrSdXH0g5MqCx4XfRe2srFbRKf-W_goSfwvW7bkGFrtDJeTVgwVCEA918DfMfq8vsgyp75cuE2mGcbh2mA-j-J79D3COCN8G8SyVQ&cry=1&dbm_d=AKAmf-DCHBL96Acvkx16ByKDOA2OukI4AbEptNVU70OCYMoXKSw8-pOBHHvfdZbSUoh00e9k71PbePX-oSRlNAmyIdV2W7S7Gsqq1xlKUVeARpmwKUupOYbYaqwmBJwm_Arql1HNUcbxTGWFzB312_FdaRmTzm0JDXJKqaWwPCLswMNRb1VLyrGgamx_8FuDwGin36CoV89Suu_WYyp1mnwv78eaZFo8a2VWZmkhEmU7_-hZ7asEZu8EqvlJ5SSB5inq-QUHCy5WFCcZpUCp_8EAeM1O93Y3RY5QmUlmY9aAO24E0Fp12WxNmZk0bV-gEfNTz36F6nXd_9FyMe7g4_JuJhZ0CIk0Jh0OlC3cy_DDMRSikhs4SJEOAHQjLS8SEmdMvhjakmUnWc2G3n4jN6EgnxmksHfS82HA0Ka3sbjGHkDBHnEyFPynTiQWk0NK5AhVA13G7yr5WkOjhKQsAD0wBMiZnjLyxnegp22EHZN-z0rDnrI8dH7EKhUTpKyVYZb9pt-VMOM9YuuE3AZwRszaKgLaP4CL7LaQtuEw4_t0o8ixZHIVKBVqI4tVg7COBONE29fUlxu10sBiBYCW1Fa9zQdyDK_mYaEK2VaywLqDsGbYKQJIX82T7y4TOaDX3w_deKaTt0S4rtgTQL7Aiu4Xbsou9XQOYi6UovS74B7Ia3DvOVuoTMFZmdV7Dcj4VNyJ4uYzxyoeYX9LpKmRJTh3ufqowz_R39hS1SkMDDBVdKcnBH4dbu4s9BFnLiekVcyEer9_8_vIMCgxdGhFMgN2eXuz0seBYlHo2jhsCb0p-Wm9z-DBSTeLwQUW4gRZu4mJh1UfMTLLrnz9B8mR7YXWdIhDsM2PI01uFXq9ECkcYAzBJ8OV-AT8IVTibeEmprCC7BS4m1OJRYyaqQsIpjyYhtOo8R7dqyl_rAbPi-XX7CMZaJJ0FpM2HVCcnkkKj_SGRw8eJVbygRBMj4EFkZNZE4Q4--LDFuYv_QmZN13ENKHJzxANczLCVXKSrsej8L8sc5twAHUPVnKx_lh7kPpYJ9-9n-2toJdKIcCtk845YRN3DgIzkPg6N9hqCxR1y8S8u75LuuZe_QUDbt8v_F8eFuqkYDpFuEBV8W7tbdsHZcynrRhQjkNO4r8yks-wkqStsXoJaX7GW-JB9xGi6zGqT5EALZPxLykCFrFKK170N4RZo8Clf21Q7PzmUx84k8PiyXOy8jP5j2Ck8o29EL0tTRCIupiCMWWtkhGBmNaDoIUOjdlk6yzWYX0Z4Swb2FBIbh4wIyXnCsOHr3uYICpTToFvNnN_1_6I8eKsjaVVncNVkF496vbobeyWk6-gcyGHTk4fi_kG3vG6PXT0EZsj8WpTbp2pNrcGh0sudyMHhRegiGGqtYEYQwESaK3imW1BdR_rXzZwBnWg1zw6BqqL7SqMQ-c4mAd8AbJcD2VBgSY0E8HZEvsQLT3sBpUgrjJb0wbgRdkY6MfVJLZLtVFEqJ-RUpovJiqDMnKM-IEMCm_Il88FDgEQuCP_Ufmvd06jXf7wr9SDUxo5c_A_-Y5teBbPyibebCHoFImPQHJ-aMHNVvSplpzcCLCLjJEcEOcsSLYO7nNAFcQ40_To_58ng75PF5VnkbU5FgauGGvGokgq9Vz6EL2kc9-_6cYgIublTdaILQDqr7CfjvKI-NEC3d_9FHtzRc-XisZuCSzGgxQQubIWtzHiDiScKI14hr0Ij9nM1nFEjY_zAgZSrJv72nFJwMNV6Nm0425fDJ8qztjiuXh7F7b-w3t5UmMQl9hmwsCyCfn0KJah8QL3EOef4dcp-_6xSrnTXdjCmB6zLnBb7pxSWLq4kWkJmNKOcBHICGVZEmtqCAucESy-h4_yTE8NaUflhOML-clPk-__ADlxMxUsPwba8yIOPXJ9ofJrKDNjGkaljLScwo8YOZVy6gXcI4afowfOSgL9TNcp8Kf6sNaWfwAhvyid33z4O2lx7lPsAP0uSB1bbhkrGNiJWPkr-YF4E2tWMn_9BFIGraiFz_G1hlmUZTuZH__W9OZ63xnOuJUMj99yZbRm_etP2FTd9llQV3J9epNA47fh_wGoYpUPyDeu0LS-5H8V613FtTQsq8MTbPnozJMRzwa9gXW1JFgJpDN8cQbZ5AyT51NqGp2aTSSA7YSI9wP_gOhWMzoOz8fcSBD5bBw0Bw50WN4MKw7bq8t-en1p_LgTyieIkzx_smeDopmun63g6bNVxUJtkaN1qr0NvT6hUZZ69fkvUuSl4Vf6zBPNbVu0o_6-FiTclhcrIp8LlmeHYEaVzBH-UEvyTE-UU-Pjn3XVp6fgi2hH0EJcXA991mxhawL-1WTCSprdSPcPODT5oyy7eCvlhiUfuedy3VY-fBg8PxszOhe1wewsgzD5J2biNEoEbnY0LTZqL6i4J7Oz2BcZnvJgRKH9K4_bm1QM8Ezo2H5n8N9Idcb5XA-nw2BZawMOfDkwj_-GGhtrnV8FZiM6y1_Y30U9eBRMjX1G-04H06j58qA8s7ZRzpTjU-BjlBWa-W2OYT8YiDFHSRSlavn6kEEEcvZfcOcAd4x0_HOOvbeRoyLsyh79LibvKxyr_0LnSexjH1TaYNzHSfPcM6mLcInCTVY8v44CuebZC_OlJ3yi3GKENINuSlHifRxL_TMT4W_sTB0P47ybHqNLquxx-3ZKIkSUG8LgYOKK0anjLwJym4ScOnFIWZr2K_h0pXZn35GsAsXtJ6xx11CYKH4M-RKSocyVQ469MLUK48pSCjufbiFtSRM7I-VmE3UN8zRxSXNvpFkV7s-JhmG7L4LeM-lM-Z3c24NO2H42FSeMmShoLoSs5ND4F5_JKgxOVPezZXyg27NeM3w20yFlcctBHYGx9ANjY-BgeHhRFzlLjPtxL3T8WNtPK8ViEf_JQfMkt98swJs58tsilM4oQw4haVuuD-oNI49a9vT0assvsClTu6WMSDnNy8PkHVOOOXtKYlT7RqV8vLXcJYJAOm1_BbcFl3FP_WOsCJ2soLoUdnrhLKN3YEW3HGCMvMriRkCmKSpxd7UPO8G_oeB5UEmvCSgb-P1llOA19-lFkoFDZYD1xjZAtBQPyRAe9Aa0gd5omQ5GXmgIZJHgd5ml8zVlhtCj3PQ84S9rbwDdCrPJzvAO0VaBrQoeS8Ryoav0Gn3OxkHooHwTl4B7mM7x8qesHN9oYvzT&cid=CAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX-3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10eb1ef2b530ad966ffbe7cf23322ce5ea024ad2131093a61deb1e62ca3985fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3EF 42 B
63 B 66ms
66ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVbFrI_iXCSEbjQz66IYrJkgR3l8foA5nsnAC3AL2BN3sIuyR3QkIDaGYR4RkMbhzhlknnvLPJhK0CvLGmEaHv5e09z-M50lhoNRCPS8IaW_TWuwY

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame C3EF 32 KB
8 KB 38ms
9ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad9.adfarm1.adition.com/ Frame C3EF 3 KB
2 KB 40ms
11ms Script
application/x-javascript 85.114.159.98
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad9.adfarm1.adition.com/js?wp_id=4734815&gdpr=&gdpr_consent=&kid=5204563&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCCconeqRfYtaWHpOX-gb17qeYCN-pltBpo5OM9u8PjbWl84cwEAEgwY_BH2CV4pCCoAegAcbBgsQoyAEJqQJVJj918R2yPqgDAaoE9QFP0CO_esDiqnU6rxfLgrNhTo2kpV2hfTo_jDV3Ih9ynOOGOXPC9o4dYcGTkvdZOPuYtsJmIH-6awBHey2JsrNlkoFny9kAQJhx1WfBuyRD0WvlA1nsiwk4LzgUQOvMRlIeVvGywfRMdnnmYOxHGWGJBi04ZA02z-wFeetFQyhssvJLCpVS7ZV5bOErKGpALCJp-LdQ5Pzogfh0b8Nk9SYrO9-YAtuBB2fQyRK3fx57WE0EE_ihWb2V3iX5kn8uaRucnLNAUzlWVjdVM5KaP-qQlE7GsxSOzZMYC4yfmz2g45wmzvb_KbuiyiYU-mvPDtqjKsHR7MAE6-eLvPcD4AQDkAYBoAZNgAfG-dKjA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATuPPqDsgTlfHm3wPQEwDYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX-3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE%26sig%3DAOD64_1JkMYrH4u2EW_TKv0DDMN6JvL_Qw%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-CBmF8-cFcy-ikNyK_M3Dev0sJ9BHrWlZY6m9wjtyPAfYMfn7bJYqr2ZmUiGWoSshEFCSOhbnEPgRkJqTDOQMCXsAFMCmGUdcTLMGTXX9EkFmEb970ks4MCHJ6-aA6KbKj_JFSH4YGggBI3S8cTS25qSGUOAQ%26cry%3D1%26dbm_d%3DAKAmf-CczyZ1nfC7WOrhHAxX9S1Lpg63Erivbvevt8yB502P7YkYy2U4Mv5omln_VbKJN1CUHt3VQHK5FlTpcRYzoQwaLINly6B6DQC4Td6KAgDBeQ06G3bvb4BTJUA8XDQy1LydmruouSs-aMB0mdc51GGint5nfYBBhcw9KzDMF0QMf1IxMLLE79wWQB2AosxedpccvErDKH6GiVLZJAF5ztWY5aMgR7dTOOSBe6mO_NSmL1TDPzpKA8_o7HFE42hregMlcg1qOnJGDQKVmVon0IX-4VCrwoXDJu5phGih6uz4bsWDtcVYnOph13L7AlIzUJRRttd0FGlZyfdmMyIQELajzI_ZKSRZZeo8bXTzSp_qzeGoYCcuyeptK89AoutC1Wz0rQK60GyJEMfxhUhQQgK_w5k7WDIBbW2r-pDdd6ZB-Tcw4et75lN1H1EYU3SqvzUaRnE7SLpqRk20b4llUn0aqjmNzQ%26adurl%3D
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.98 Rheinfelden, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad9.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d51b39ddb3caa38fba66445371b421635285ba4a2788ac91a3287711ac58d908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:13:14 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame C3EF 3 KB
1 KB 148ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:10:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame C3EF 15 KB
7 KB 143ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:05:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C3EF 0
0 113ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR85V3uYLymtJXPDNPZiT8OCkgtXBaCdT1VMEFAgapwTbH5aBvDTQCRHwAM8bn25929B-4sG7rOYbx3PiSNkJGpyBTRSQ
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3EF 119 KB
37 KB 160ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:14 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF29 0
20 B 72ms
71ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20220413&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5741427438444892&output=html&adk=1812271804&adf=3025194257&lmt=1650435194&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.elmaelma.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650435194236&bpp=3&bdt=754&idt=139&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8725525467337&frm=20&pv=2&ga_vid=1180536202.1650435194&ga_sid=1650435194&ga_hid=1472713816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C182982000%2C182982200%2C31067163%2C21065724&oid=2&pvsid=1586909204109584&pem=656&tmod=1820491808&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 145 KB
51 KB 54ms
54ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/reactive_library_fy2019.js?bust=31067163

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5ce4a5ae6403640aafaf3b13fa0c2ed0fe80a2d06386038685195f7cdeb7f2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52690
x-xss-protection: 0
server: cafe
etag: 7516298931692033631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 06:13:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3BC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

43 B
1014 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3NLhD2ksmmAxi7sp_IATAB&v=APEucNUkdXToqaJOsEUTpo8SodDrVe9Qh7aESxqy4LGammXQ0bUvcKRJJ-ZWpKJa1c6kHFSS5EE5GE64l5SCk3ag4TGBZu-m40HJH3_L_-6oxBqEcEpRfJkwiWCSURb84HTb05QtTkL-GQBt4NCt-XnvlJOesNJUW9XeLukWsiVT4Z-NwZp7enA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3BC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

43 B
1014 B

24ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3NLhD2ksmmAxi7sp_IATAB&v=APEucNUkdXToqaJOsEUTpo8SodDrVe9Qh7aESxqy4LGammXQ0bUvcKRJJ-ZWpKJa1c6kHFSS5EE5GE64l5SCk3ag4TGBZu-m40HJH3_L_-6oxBqEcEpRfJkwiWCSURb84HTb05QtTkL-GQBt4NCt-XnvlJOesNJUW9XeLukWsiVT4Z-NwZp7enA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3BC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

43 B
1020 B

13ms
13ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3NLhD2ksmmAxi7sp_IATAB&v=APEucNUkdXToqaJOsEUTpo8SodDrVe9Qh7aESxqy4LGammXQ0bUvcKRJJ-ZWpKJa1c6kHFSS5EE5GE64l5SCk3ag4TGBZu-m40HJH3_L_-6oxBqEcEpRfJkwiWCSURb84HTb05QtTkL-GQBt4NCt-XnvlJOesNJUW9XeLukWsiVT4Z-NwZp7enA

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 98471bb4-a38f-49b7-85de-b8758fb68c9f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BC4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

170 B
243 B

42ms
42ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:14 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9cf9a381-9593-47b7-b8fe-a3f49c33ff27
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C3EF 41 KB
15 KB 64ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2gjE7iyK7ihFya-1VDWi35kjPnpoTLS-fZIfUfKxH4d1vkl979aQpOFrSdXH0g5MqCx4XfRe2srFbRKf-W_goSfwvW7bkGFrtDJeTVgwVCEA918DfMfq8vsgyp75cuE2mGcbh2mA-j-J79D3COCN8G8SyVQ&cry=1&dbm_d=AKAmf-DCHBL96Acvkx16ByKDOA2OukI4AbEptNVU70OCYMoXKSw8-pOBHHvfdZbSUoh00e9k71PbePX-oSRlNAmyIdV2W7S7Gsqq1xlKUVeARpmwKUupOYbYaqwmBJwm_Arql1HNUcbxTGWFzB312_FdaRmTzm0JDXJKqaWwPCLswMNRb1VLyrGgamx_8FuDwGin36CoV89Suu_WYyp1mnwv78eaZFo8a2VWZmkhEmU7_-hZ7asEZu8EqvlJ5SSB5inq-QUHCy5WFCcZpUCp_8EAeM1O93Y3RY5QmUlmY9aAO24E0Fp12WxNmZk0bV-gEfNTz36F6nXd_9FyMe7g4_JuJhZ0CIk0Jh0OlC3cy_DDMRSikhs4SJEOAHQjLS8SEmdMvhjakmUnWc2G3n4jN6EgnxmksHfS82HA0Ka3sbjGHkDBHnEyFPynTiQWk0NK5AhVA13G7yr5WkOjhKQsAD0wBMiZnjLyxnegp22EHZN-z0rDnrI8dH7EKhUTpKyVYZb9pt-VMOM9YuuE3AZwRszaKgLaP4CL7LaQtuEw4_t0o8ixZHIVKBVqI4tVg7COBONE29fUlxu10sBiBYCW1Fa9zQdyDK_mYaEK2VaywLqDsGbYKQJIX82T7y4TOaDX3w_deKaTt0S4rtgTQL7Aiu4Xbsou9XQOYi6UovS74B7Ia3DvOVuoTMFZmdV7Dcj4VNyJ4uYzxyoeYX9LpKmRJTh3ufqowz_R39hS1SkMDDBVdKcnBH4dbu4s9BFnLiekVcyEer9_8_vIMCgxdGhFMgN2eXuz0seBYlHo2jhsCb0p-Wm9z-DBSTeLwQUW4gRZu4mJh1UfMTLLrnz9B8mR7YXWdIhDsM2PI01uFXq9ECkcYAzBJ8OV-AT8IVTibeEmprCC7BS4m1OJRYyaqQsIpjyYhtOo8R7dqyl_rAbPi-XX7CMZaJJ0FpM2HVCcnkkKj_SGRw8eJVbygRBMj4EFkZNZE4Q4--LDFuYv_QmZN13ENKHJzxANczLCVXKSrsej8L8sc5twAHUPVnKx_lh7kPpYJ9-9n-2toJdKIcCtk845YRN3DgIzkPg6N9hqCxR1y8S8u75LuuZe_QUDbt8v_F8eFuqkYDpFuEBV8W7tbdsHZcynrRhQjkNO4r8yks-wkqStsXoJaX7GW-JB9xGi6zGqT5EALZPxLykCFrFKK170N4RZo8Clf21Q7PzmUx84k8PiyXOy8jP5j2Ck8o29EL0tTRCIupiCMWWtkhGBmNaDoIUOjdlk6yzWYX0Z4Swb2FBIbh4wIyXnCsOHr3uYICpTToFvNnN_1_6I8eKsjaVVncNVkF496vbobeyWk6-gcyGHTk4fi_kG3vG6PXT0EZsj8WpTbp2pNrcGh0sudyMHhRegiGGqtYEYQwESaK3imW1BdR_rXzZwBnWg1zw6BqqL7SqMQ-c4mAd8AbJcD2VBgSY0E8HZEvsQLT3sBpUgrjJb0wbgRdkY6MfVJLZLtVFEqJ-RUpovJiqDMnKM-IEMCm_Il88FDgEQuCP_Ufmvd06jXf7wr9SDUxo5c_A_-Y5teBbPyibebCHoFImPQHJ-aMHNVvSplpzcCLCLjJEcEOcsSLYO7nNAFcQ40_To_58ng75PF5VnkbU5FgauGGvGokgq9Vz6EL2kc9-_6cYgIublTdaILQDqr7CfjvKI-NEC3d_9FHtzRc-XisZuCSzGgxQQubIWtzHiDiScKI14hr0Ij9nM1nFEjY_zAgZSrJv72nFJwMNV6Nm0425fDJ8qztjiuXh7F7b-w3t5UmMQl9hmwsCyCfn0KJah8QL3EOef4dcp-_6xSrnTXdjCmB6zLnBb7pxSWLq4kWkJmNKOcBHICGVZEmtqCAucESy-h4_yTE8NaUflhOML-clPk-__ADlxMxUsPwba8yIOPXJ9ofJrKDNjGkaljLScwo8YOZVy6gXcI4afowfOSgL9TNcp8Kf6sNaWfwAhvyid33z4O2lx7lPsAP0uSB1bbhkrGNiJWPkr-YF4E2tWMn_9BFIGraiFz_G1hlmUZTuZH__W9OZ63xnOuJUMj99yZbRm_etP2FTd9llQV3J9epNA47fh_wGoYpUPyDeu0LS-5H8V613FtTQsq8MTbPnozJMRzwa9gXW1JFgJpDN8cQbZ5AyT51NqGp2aTSSA7YSI9wP_gOhWMzoOz8fcSBD5bBw0Bw50WN4MKw7bq8t-en1p_LgTyieIkzx_smeDopmun63g6bNVxUJtkaN1qr0NvT6hUZZ69fkvUuSl4Vf6zBPNbVu0o_6-FiTclhcrIp8LlmeHYEaVzBH-UEvyTE-UU-Pjn3XVp6fgi2hH0EJcXA991mxhawL-1WTCSprdSPcPODT5oyy7eCvlhiUfuedy3VY-fBg8PxszOhe1wewsgzD5J2biNEoEbnY0LTZqL6i4J7Oz2BcZnvJgRKH9K4_bm1QM8Ezo2H5n8N9Idcb5XA-nw2BZawMOfDkwj_-GGhtrnV8FZiM6y1_Y30U9eBRMjX1G-04H06j58qA8s7ZRzpTjU-BjlBWa-W2OYT8YiDFHSRSlavn6kEEEcvZfcOcAd4x0_HOOvbeRoyLsyh79LibvKxyr_0LnSexjH1TaYNzHSfPcM6mLcInCTVY8v44CuebZC_OlJ3yi3GKENINuSlHifRxL_TMT4W_sTB0P47ybHqNLquxx-3ZKIkSUG8LgYOKK0anjLwJym4ScOnFIWZr2K_h0pXZn35GsAsXtJ6xx11CYKH4M-RKSocyVQ469MLUK48pSCjufbiFtSRM7I-VmE3UN8zRxSXNvpFkV7s-JhmG7L4LeM-lM-Z3c24NO2H42FSeMmShoLoSs5ND4F5_JKgxOVPezZXyg27NeM3w20yFlcctBHYGx9ANjY-BgeHhRFzlLjPtxL3T8WNtPK8ViEf_JQfMkt98swJs58tsilM4oQw4haVuuD-oNI49a9vT0assvsClTu6WMSDnNy8PkHVOOOXtKYlT7RqV8vLXcJYJAOm1_BbcFl3FP_WOsCJ2soLoUdnrhLKN3YEW3HGCMvMriRkCmKSpxd7UPO8G_oeB5UEmvCSgb-P1llOA19-lFkoFDZYD1xjZAtBQPyRAe9Aa0gd5omQ5GXmgIZJHgd5ml8zVlhtCj3PQ84S9rbwDdCrPJzvAO0VaBrQoeS8Ryoav0Gn3OxkHooHwTl4B7mM7x8qesHN9oYvzT&cid=CAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX-3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 15:35:01 GMT

GET
H2 200 banner Show response
ad9.adfarm1.adition.com/ Frame C3EF 4 KB
3 KB 12ms
12ms Script
text/javascript 85.114.159.98
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad9.adfarm1.adition.com/banner?sid=4734815&adjsver=3&fvers=&iframe=1&ref=https%3A//www.elmaelma.com/&ro=https%3A//e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/100.0.4896.75%20Safari/537.36&os=17&browser=11&userid=0&kid=5204563&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCconeqRfYtaWHpOX%2Dgb17qeYCN%2DpltBpo5OM9u8PjbWl84cwEAEgwY%5FBH2CV4pCCoAegAcbBgsQoyAEJqQJVJj918R2yPqgDAaoE9QFP0CO%5FesDiqnU6rxfLgrNhTo2kpV2hfTo%5FjDV3Ih9ynOOGOXPC9o4dYcGTkvdZOPuYtsJmIH%2D6awBHey2JsrNlkoFny9kAQJhx1WfBuyRD0WvlA1nsiwk4LzgUQOvMRlIeVvGywfRMdnnmYOxHGWGJBi04ZA02z%2DwFeetFQyhssvJLCpVS7ZV5bOErKGpALCJp%2DLdQ5Pzogfh0b8Nk9SYrO9%2DYAtuBB2fQyRK3fx57WE0EE%5FihWb2V3iX5kn8uaRucnLNAUzlWVjdVM5KaP%2DqQlE7GsxSOzZMYC4yfmz2g45wmzvb%5FKbuiyiYU%2DmvPDtqjKsHR7MAE6%2DeLvPcD4AQDkAYBoAZNgAfG%2DdKjA6gHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH%5F56xAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATuPPqDsgTlfHm3wPQEwDYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX%2D3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE%26sig%3DAOD64%5F1JkMYrH4u2EW%5FTKv0DDMN6JvL%5FQw%26client%3Dca%2Dpub%2D9612539386533291%26dbm%5Fc%3DAKAmf%2DCBmF8%2DcFcy%2DikNyK%5FM3Dev0sJ9BHrWlZY6m9wjtyPAfYMfn7bJYqr2ZmUiGWoSshEFCSOhbnEPgRkJqTDOQMCXsAFMCmGUdcTLMGTXX9EkFmEb970ks4MCHJ6%2DaA6KbKj%5FJFSH4YGggBI3S8cTS25qSGUOAQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCczyZ1nfC7WOrhHAxX9S1Lpg63Erivbvevt8yB502P7YkYy2U4Mv5omln%5FVbKJN1CUHt3VQHK5FlTpcRYzoQwaLINly6B6DQC4Td6KAgDBeQ06G3bvb4BTJUA8XDQy1LydmruouSs%2DaMB0mdc51GGint5nfYBBhcw9KzDMF0QMf1IxMLLE79wWQB2AosxedpccvErDKH6GiVLZJAF5ztWY5aMgR7dTOOSBe6mO%5FNSmL1TDPzpKA8%5Fo7HFE42hregMlcg1qOnJGDQKVmVon0IX%2D4VCrwoXDJu5phGih6uz4bsWDtcVYnOph13L7AlIzUJRRttd0FGlZyfdmMyIQELajzI%5FZKSRZZeo8bXTzSp%5FqzeGoYCcuyeptK89AoutC1Wz0rQK60GyJEMfxhUhQQgK%5Fw5k7WDIBbW2r%2DpDdd6ZB%2DTcw4et75lN1H1EYU3SqvzUaRnE7SLpqRk20b4llUn0aqjmNzQ%26adurl%3D
Requested by: Host: ad9.adfarm1.adition.com
URL: https://ad9.adfarm1.adition.com/js?wp_id=4734815&gdpr=&gdpr_consent=&kid=5204563&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCCconeqRfYtaWHpOX-gb17qeYCN-pltBpo5OM9u8PjbWl84cwEAEgwY_BH2CV4pCCoAegAcbBgsQoyAEJqQJVJj918R2yPqgDAaoE9QFP0CO_esDiqnU6rxfLgrNhTo2kpV2hfTo_jDV3Ih9ynOOGOXPC9o4dYcGTkvdZOPuYtsJmIH-6awBHey2JsrNlkoFny9kAQJhx1WfBuyRD0WvlA1nsiwk4LzgUQOvMRlIeVvGywfRMdnnmYOxHGWGJBi04ZA02z-wFeetFQyhssvJLCpVS7ZV5bOErKGpALCJp-LdQ5Pzogfh0b8Nk9SYrO9-YAtuBB2fQyRK3fx57WE0EE_ihWb2V3iX5kn8uaRucnLNAUzlWVjdVM5KaP-qQlE7GsxSOzZMYC4yfmz2g45wmzvb_KbuiyiYU-mvPDtqjKsHR7MAE6-eLvPcD4AQDkAYBoAZNgAfG-dKjA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATuPPqDsgTlfHm3wPQEwDYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX-3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE%26sig%3DAOD64_1JkMYrH4u2EW_TKv0DDMN6JvL_Qw%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-CBmF8-cFcy-ikNyK_M3Dev0sJ9BHrWlZY6m9wjtyPAfYMfn7bJYqr2ZmUiGWoSshEFCSOhbnEPgRkJqTDOQMCXsAFMCmGUdcTLMGTXX9EkFmEb970ks4MCHJ6-aA6KbKj_JFSH4YGggBI3S8cTS25qSGUOAQ%26cry%3D1%26dbm_d%3DAKAmf-CczyZ1nfC7WOrhHAxX9S1Lpg63Erivbvevt8yB502P7YkYy2U4Mv5omln_VbKJN1CUHt3VQHK5FlTpcRYzoQwaLINly6B6DQC4Td6KAgDBeQ06G3bvb4BTJUA8XDQy1LydmruouSs-aMB0mdc51GGint5nfYBBhcw9KzDMF0QMf1IxMLLE79wWQB2AosxedpccvErDKH6GiVLZJAF5ztWY5aMgR7dTOOSBe6mO_NSmL1TDPzpKA8_o7HFE42hregMlcg1qOnJGDQKVmVon0IX-4VCrwoXDJu5phGih6uz4bsWDtcVYnOph13L7AlIzUJRRttd0FGlZyfdmMyIQELajzI_ZKSRZZeo8bXTzSp_qzeGoYCcuyeptK89AoutC1Wz0rQK60GyJEMfxhUhQQgK_w5k7WDIBbW2r-pDdd6ZB-Tcw4et75lN1H1EYU3SqvzUaRnE7SLpqRk20b4llUn0aqjmNzQ%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.98 Rheinfelden, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad9.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 8b2f8457bb56a11b972b0707dd5f348840c8c72fe9c581f63f99bb7558af3ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 08:13:14 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 000002315571.gif
imagesrv.adition.com/banners/3506/files/00/23/55/33/ Frame C3EF 53 KB
53 KB 11ms
11ms Image
image/gif 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3506/files/00/23/55/33/000002315571.gif
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5bfb11cb8d72ded34d048679193ed674daeb3f046d4724b3afe374926e3c7872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Apr 2022 06:13:14 GMT
last-modified: Thu, 14 Apr 2022 06:56:22 GMT
accept-ranges: bytes
etag: "3345499487"
content-length: 54069
content-type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 97ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elmaelma.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 134ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elmaelma.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/ Frame D7DD 10 KB
4 KB 44ms
43ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 21:18:40 GMT
etag: 14837630671339829333
expires: Tue, 03 May 2022 21:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C3EF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86a06d6a47b594068c80889d2ff66ee3623d1db21f9fbe0655ac19fa6285c33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8495 22 KB
8 KB 89ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 15:35:01 GMT
expires: Wed, 19 Apr 2023 15:35:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C645 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Thu, 20 Apr 2023 06:13:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D7DD 4 KB
634 B 91ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 04:52:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D7DD 205 B
743 B 127ms
40ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 03:10:14 GMT
x-content-type-options: nosniff
age: 10981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Apr 2023 03:10:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D7DD 604 B
695 B 127ms
40ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 23:18:54 GMT
x-content-type-options: nosniff
age: 24861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Apr 2023 23:18:54 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame D7DD 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 01:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 01:42:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C645 2 KB
532 B 76ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 04:56:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame C645 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:08:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C645 0
0 76ms
75ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCl4aeqRfYu-jKdWux_APpMGjmAmOq9C4aZ3CppH8C9PCkd2oGxABIMGPwR9gleKQgqAHoAGbko3_A8gBCakCK9HVC_Qhsj7gAgCoAwHIA8sEqgSBAk_Q9MFxTfXiSKC3kILvviOfN4t_DfVjfWu32cCZFYB0nRJ3taC0lNmVnd8Az9OjiCJtIWgNPNIjp3tEWaYin1k7p-Q2TfkZPdT_kX84AmmJ_WjolodRIlDpPlc6CF9JRpKunc3Lwt86AmPs3OtLyUQuYMEjUARNlXb9fvRpaxVvSKpyXDA3V3O6eAYM1Xzfl-vFOxnYYMAsZhewIWqIiTLYy3sRtwkcRrHI2JXrmc_I9lXq5JVnLJgFEHnTY5Gu1wKtR7pmazPCjkUZrz3gE-ARd19qBPFfXmu4usmjZZyIvsAlCRi9vu-yFRVuDVF6lWA9Rd0kxmgLqgekwh67dNO3wAT36M6emAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze1yqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJalDNIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi05NjEyNTM5Mzg2NTMzMjkxGIGVEQ&sigh=QT5rGrDybyg&uach_m=[UACH]&template_id=494
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/ Frame C645 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/abg_lite_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:06:35 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame C645 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:05:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame C645 15 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C645 0
0 48ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStSHy7oHLkoJkY5jFGciUI8LyvOTEGwp_ldyEGJDzgroQASqOge9zo_pfHXFa6HVdo9pw7NalOUIS7pS18ylowt5I0jg
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C645 119 KB
36 KB 111ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H2 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame C645 30 KB
12 KB 110ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Jul 2022 15:34:41 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8495 35 KB
13 KB 35ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H3 200 container.html Show response
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E728 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Thu, 20 Apr 2023 06:13:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C645 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6c9fcecd68fea070f9a3866b11bcb5616e85f86e3f4a5749a3fd967cd2fa22f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame A6D9 8 KB
892 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 04:52:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A6D9 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 03:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 03:11:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame A6D9 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:10:41 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A6D9 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:04:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6D9 119 KB
36 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A6D9 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:11:36 GMT

GET
H2 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame A6D9 30 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Jul 2022 15:34:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1695 624 B
299 B 51ms
50ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNULAJJIOiwwjeA_23NOqWKSNmcqGCZmY9IgKI8LNwjUVYM86WsDdzzoWi2ck_aBWH8h61zEtYLjyXa0pYNj9gEyPWaiQVh8Rc7Ou48mBMrUGN0AQh82sC0JU45KGA_9e8dCc1zpQQPOA-FnaSbe_6q4mV9ABrOsoXT3p7ZRqZR-HuLMT60

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:15 GMT
expires: Wed, 20 Apr 2022 06:13:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E728 14 KB
10 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFY2Wrgw4d0yQLxs-tmaSHKxotKgvsds9q9SJFr6Jd6kQOb-_yWB0Xxiz5oBHMQfCbTNsWWu8Nem1hAG-s9f5T0zZ0PK23HB4cfY2QjjykdkpVuPjnFl7A5db3bztAXPcLlZQY0ZCejhZfZQdgbvGwFM8ngw&cry=1&dbm_d=AKAmf-AxexrqAYZvkHRJ67FWfgN2PO3DdI_e7ZWWl60lpuh2gr_449yasSTu96hBB81QXjsowcbWo3bNecfL2K1IY3ADjUkerm5e7HjleCUpc2e5tOC-pCeKVdW8ahuIZHItLx9NlNWnhMP5SKR284fSTTgl44F64rv9aubVoaUM-vM78ybCxAiq8WdkkilIXshOL_8dpOVYuptIHb4VRXkVU5NSYXRnyAJagajUyg6YGoMuUUQeLK4v6eku5C07Ao4AArMc6E1dSkjxnQXGdRZFutcQeiHEjcBpvZfayxdK55xh6yj4uDLmBhIKIt2pBX14Z_NHu-8suZPlO7TALlWKfuDEWZFENhWEIZfBgtnb0nelX_Ghn5ngsHyxGhCEWUg75jP66OT4fbn-KkesrHdzCyWlY18HXRz7tJEKi9MDwUfkRiVk8zGW0o3EJrUMkU-0Ind54xVtx65VhXfPq-VG1zT4Q8xW5z0hE0FmWt_sTTlHaJUGLbH_9a6-27xYcf9Wm_7YOc-FiMNFpxlrpX7g2Ge6A1X8WjFDz4kkrfVgXMzQWl6jfVqFYGXbPVDu6FG-KqFtx9F4j37TXJhqrtgC7bzr4z3gx7cNnHMJCYGZ24bvCEukjHi_q-4_ubBMeQFvfLMkk1ACklJiVKz8IrtELrvIPZCCr3I1dDVfXGvSuk2a83aJH4PWlmYIi6L76AXzsQh_RXOEiA7IWLnob1XeZFiggpfH8VEzOMYZUR1ZS_ItwoHCPiRi1GozhhnUuwOyTRcZmeUjvLkrB-7SA1eSb4tG7y2KS-402mcCU1gLJdwFgs8oHRr0nsNnPjZYCLFXsEzZoIIFjs29RcEa3Kjr5yIrnScbik909iYR-7KBviwxlZYwJRZf_eMX0vLsvp7xREr2h19h9U-K5NKnIKgtIHJ8O_CL3CWbvZ-0jv6EjX797zCGZPADcoMThtXKbbKfF0XQ3Fl61vVDEFC4KnwCBm0J7AWTkpWti6sbtG1SUctWRk_kFl5oE77UEr1fXCMGKVi86qC-ujvuXY3Z0ZW3f5SjSfOipPfFG6OP1I1NNHVu4bt9ltkIuRlLOQ8n_2qU--NXPHXiblgdpi9aMDCr0xtYc4cQussCFOz_OMZiyBc7p2460Qg9-iOqPxuUJ_8OzoL4pmMg6epuQKsKAjeLulm0fk1lutVdBKpAdTUCD76nC9JdizrH-s698UmC8Qq4g7AqiYYxdj6NEhLU0z-lqa6BnDogPdZnI7s4cszQH3nBoT0-ikRdxnGIhU4JlDmJr6ZXj0i2S8rKlzFWwOECCqRDnqnWXTE0MInWnEQnV6LO3Du_rYRRRFhxi5xXafGQ1iXMCPE42l5Pb7-jnSvBZgB14kxG_DxDVHetIpm8MrTp0eReM2Am4VLPGZJ4OR7btcCAxyJ1UjxbCaJTWiR-G6nMOFNStVhX7CA6i19aHsSzrAhMBIzaHuIy5ps6J6gGKlV38cIfP0PCkV4nQBxXALYMhMFbg1370F7aNA3AWZd4mNw1fY1OIG4rjGUPujOFW3T_HXBvnEh9asMzGFCtI12qBYMZ3U_UapDOpDsRZgELZ9VTyJeJ4FqdRFa3NG_oOVLGuRBtalWm8ErfMhp8IG5_3tWWD5BOjLZDhnKSB7sNhWb6KrSCr597RHoS518jNLbV_ZB98oXTJIbhHeOcBAp7GneQMh1h7CaxTOSAWuwLZJL-UKulz7xIlaOiSq06JjWqtkNErJQkpNjX41djvZv4l3V2xRczjskDnxE7UBZ9-Qvwm6bkL28m0_AgYGhhOnIOX9MHlXsrpOz-2s_UcvcVfmMaRlznsEQ6pzRKmiSlj_brB3HHVmhMyKCV2kvINVyZjIEDKyGvcB7xM3x0JlOmLjEy1oqeZ_GDcu3hUPpEupaxwCuR-Z-aexk6QrTSQDYDuc2QeD3JKA9EJJTRaSGbRv_1ntK-894OZeqLPp0Kywmfrp3_05k91g8HQ5ebXU2rgwLpdKY9iWGNY-yPKoV5cdEgzWzKQJHhxdZn3bT_ytx4WhS7uFCq9wLv3NhmG9F8kIZU_vZPJ4R2OBFYsXen3CsJH9qIgTuyngkd01hRw6LxSKjWotMGe-sqXPGKmTjZpYw0DJlK5-6iy6g4b5I8aekxnqJMTorbMchyS9GZ0hg0LORzQCwPaU5FbbPHev3QlA57SxZh11fHaqCuEZ0dM5OSps-9hYXtqHtyZbq7GV6o-oTvyRq0uKLmUl-oyvBKWr3I2AoP-696WJTJw3bFBIMrWzq_No3fZfZrjmABICVX9eO8_qp9vga_oL_Mcu2crkZk4LNs-_u6PQvxvWAmn6Jalfatgex5lBDou7bSvNjPFSeSWzHqnVJlj_5NdVF4_vMAN3uxmHNGg9YPdrk-VKG9bjnxy_bUc-nWLarfByRLolLXzumSlx224UQgcA3txJKJn2S_AcLimVmAcmFr92ijrLNJwZ4AdaqSn5JyKeWvLBU7N3Xkd9E1E5Kro9XNCNuZ1tBXUkovQO-rOGPDKlDt4OY_iVsaQ56mlVQadwQdRWYhVhiBZGUod_NAvdlvLxCwtPnoMCqTnCXY_qYtxaLEGnFAk8gakt-BQ-2pD_YnO15wut_euym4IIPHx5Sfbg_jR1tgnpc94e-mGqjDHFaA8wTCsttSZx0GjStZcC3vvPdb1rVnHJlx1eU32Go9iN-L7hZgSncNtUuEbJYyZHJdyWT3wiw375STV0fmE060E0x7wWcITbXqhhcuiknafSaEU-V3CwUAbmdmxaak-crS5XHC8Yb1VCRAXTwA1PLiV-msuQf7ofI4CcZZPsCcLcLUz4X7410iqHnDC6PJwC3j0lPLArvJKTy5JOQWkbEgxFs4QYF9y-4yHmPFIEsCSb1k6N0R4bhslp5pmwcI21YD8QB83XuslONCppVAzKctxihMQEOeZ4M3EgtTdOerW8b4w7Aoc1kRoAOOYj4bQbfFGeU07QWs9mHeDy83-1807uSc5H0D73yPiP1SKM9DRHFDpu_H2fo3J1oMXaEajEDZOF5QGdpTLnVe0AXmxR5PjbcI82zG-ImrJuOKkdyawSGdNbCRP6Oat2HapkFR2F7ekonpoQANPkLCX9SAwmoDiIDzMcf2-DOUat-6haktsdIBEhLyh_Mf1KiLyHMhBNPqjI-Oxxeg53D6u5UBvdoiohoc0_1OpYM49Fee_Jr-R4DOT0QjU6RCOPUpTWg0ldHD1Q6OywUiDm6Yo4RANUPgCJmf-krmvU5Ru_hI8LKHAsd4HqORT2iEdnMClKlzDaY_O_1dhLyLeFOT1r9AP3P5De92Fhz3_Lp5R6xHfNnAAb0DfCgsGLasjLhGVlXWDYU-Zt88DKHp8h5QNs8N2zxkDxHgUT0DPXcpY_HXkJ_00cgB&cid=CAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1581c749f2c004552377fb196490e495aa5da04a1513430c75d0ea0a3367d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E728 42 B
63 B 66ms
65ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COp3JmC3_1neH9qQkWFzY55wjyKXJPXXd1RfcO9MinrhRJgTU7jbO9dDMWYMPN4CWeNP7PLd94Yd9AbL34kd7I4RiDn3XztdQcn3r0TZk1f-MTEPo

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame E728 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:05:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E728 119 KB
36 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame E728 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E728 0
0 47ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-H50CZtrSG3aBQ3fICcY8xvIH4ZLyIcU2O6kXjYIaY2bvPwioWGhSpDRjPSCW5L8-qAyI5QXnExXuHnN09D3ZwBuJUw
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE4A 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame C645 20 KB
20 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:52:30 GMT
x-content-type-options: nosniff
age: 447645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:52:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C645 23 KB
24 KB 150ms
38ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSYfxcIaEZaMFVjICi1RztSskcbs9B3DSfyia_ljJ_Bpr3wTX5ox3zeJV5L0wU&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57298c72d7311e371369a9c309d3fa24bda9ec2db257a4567ddb3f5eb64c9951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:52:37 GMT
x-content-type-options: nosniff
age: 1238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23552
x-xss-protection: 0
last-modified: Thu, 27 Sep 2018 15:20:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Apr 2023 05:52:37 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C645 16 KB
16 KB 150ms
46ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRct28cnqyN6vzev4Jcr-rvBjmI0H5g7yaHrLdiw8hiF-A2mUiQFMN5FwEh6w&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

219dd1bb99c17954dfe29bdac5b9e04b9079ad03bc15217ac30a3da4e2be8975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:33:18 GMT
x-content-type-options: nosniff
age: 409197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16494
x-xss-protection: 0
last-modified: Thu, 18 Oct 2018 20:32:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Apr 2023 12:33:18 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C645 30 KB
30 KB 154ms
51ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT5wc3BaK25EFNmphvJCU-R1l5owKeme7VvRPabc7Nmq6Hs1D1BcJqeqyTYqA&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6b31099a2a45f00233efad7aec86edb71231305df8ba4c0cc35e4c72c6667c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 18:22:44 GMT
x-content-type-options: nosniff
age: 42631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30763
x-xss-protection: 0
last-modified: Tue, 05 Nov 2019 08:33:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Apr 2023 18:22:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C645 17 KB
17 KB 142ms
40ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQD1iQI6w6x5h9YAdFR_Jm4w6TOMCc_hP73hTwQPdWbrBE97BY&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bff1c564285d81e448e167efb0a5760a263bb5c7fc040449f0e2f83fe680bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 07:20:46 GMT
x-content-type-options: nosniff
age: 82349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17169
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 03:34:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Apr 2023 07:20:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C645 8 KB
9 KB 144ms
40ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRmQF2p6z7E82w7w_7XMVm4k1qP2zM5dGPi1C7RAV6ljFyoDnQG0M3zfXBrCw&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194bb73b109a8ac138778148032bced8af939546119e0e69704cc49728a68bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:14 GMT
x-content-type-options: nosniff
age: 421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8411
x-xss-protection: 0
last-modified: Fri, 15 Jun 2018 14:54:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Apr 2023 06:06:14 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C645 14 KB
14 KB 142ms
39ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ_gjkQblBmAkibr1OdEegi2annnkIiMJED8NmHpRrzBC-K_rvy&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baddcdc592bec87ecd21e905ad45c2f0384debbc9480fbbd7a76b46dc346324e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:01:59 GMT
x-content-type-options: nosniff
age: 4276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13999
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 21:36:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 20 Apr 2023 05:01:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C645 28 KB
28 KB 152ms
49ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTUCopT10Lbm9NXjYAUPbfTGIRrr3Pp8XwFL9sWpZaUsAElMnfR&usqp=CAI

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fc797cdc9fe8469e636d17bee7462dc76aaebb19ef4612d1d132d7167acbfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 19:38:38 GMT
x-content-type-options: nosniff
age: 297277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28184
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 09:55:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Apr 2023 19:38:38 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 429A 35 KB
13 KB 33ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H3 200 container.html Show response
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A064 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:14 GMT
expires: Thu, 20 Apr 2023 06:13:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1695
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNULAJJIOiwwjeA_23NOqWKSNmcqGCZmY9IgKI8LNwjUVYM86WsDdzzoWi2ck_aBWH8h61zEtYLjyXa0pYNj9gEyPWaiQVh8Rc7Ou48mBMrUGN0AQh82sC0JU45KGA_9e8dCc1zpQQPOA-FnaSbe_6q4mV9ABrOsoXT3p7ZRqZR-HuLMT60
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1695
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

43 B
894 B

41ms
41ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNULAJJIOiwwjeA_23NOqWKSNmcqGCZmY9IgKI8LNwjUVYM86WsDdzzoWi2ck_aBWH8h61zEtYLjyXa0pYNj9gEyPWaiQVh8Rc7Ou48mBMrUGN0AQh82sC0JU45KGA_9e8dCc1zpQQPOA-FnaSbe_6q4mV9ABrOsoXT3p7ZRqZR-HuLMT60
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1695
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

43 B
1020 B

23ms
23ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNULAJJIOiwwjeA_23NOqWKSNmcqGCZmY9IgKI8LNwjUVYM86WsDdzzoWi2ck_aBWH8h61zEtYLjyXa0pYNj9gEyPWaiQVh8Rc7Ou48mBMrUGN0AQh82sC0JU45KGA_9e8dCc1zpQQPOA-FnaSbe_6q4mV9ABrOsoXT3p7ZRqZR-HuLMT60

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d9f75a2-2bc1-4ddf-9a82-2bdac3b3a60f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1695
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 23a6d886-08f1-4d6c-9e59-da60bf5f5070
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E728 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFY2Wrgw4d0yQLxs-tmaSHKxotKgvsds9q9SJFr6Jd6kQOb-_yWB0Xxiz5oBHMQfCbTNsWWu8Nem1hAG-s9f5T0zZ0PK23HB4cfY2QjjykdkpVuPjnFl7A5db3bztAXPcLlZQY0ZCejhZfZQdgbvGwFM8ngw&cry=1&dbm_d=AKAmf-AxexrqAYZvkHRJ67FWfgN2PO3DdI_e7ZWWl60lpuh2gr_449yasSTu96hBB81QXjsowcbWo3bNecfL2K1IY3ADjUkerm5e7HjleCUpc2e5tOC-pCeKVdW8ahuIZHItLx9NlNWnhMP5SKR284fSTTgl44F64rv9aubVoaUM-vM78ybCxAiq8WdkkilIXshOL_8dpOVYuptIHb4VRXkVU5NSYXRnyAJagajUyg6YGoMuUUQeLK4v6eku5C07Ao4AArMc6E1dSkjxnQXGdRZFutcQeiHEjcBpvZfayxdK55xh6yj4uDLmBhIKIt2pBX14Z_NHu-8suZPlO7TALlWKfuDEWZFENhWEIZfBgtnb0nelX_Ghn5ngsHyxGhCEWUg75jP66OT4fbn-KkesrHdzCyWlY18HXRz7tJEKi9MDwUfkRiVk8zGW0o3EJrUMkU-0Ind54xVtx65VhXfPq-VG1zT4Q8xW5z0hE0FmWt_sTTlHaJUGLbH_9a6-27xYcf9Wm_7YOc-FiMNFpxlrpX7g2Ge6A1X8WjFDz4kkrfVgXMzQWl6jfVqFYGXbPVDu6FG-KqFtx9F4j37TXJhqrtgC7bzr4z3gx7cNnHMJCYGZ24bvCEukjHi_q-4_ubBMeQFvfLMkk1ACklJiVKz8IrtELrvIPZCCr3I1dDVfXGvSuk2a83aJH4PWlmYIi6L76AXzsQh_RXOEiA7IWLnob1XeZFiggpfH8VEzOMYZUR1ZS_ItwoHCPiRi1GozhhnUuwOyTRcZmeUjvLkrB-7SA1eSb4tG7y2KS-402mcCU1gLJdwFgs8oHRr0nsNnPjZYCLFXsEzZoIIFjs29RcEa3Kjr5yIrnScbik909iYR-7KBviwxlZYwJRZf_eMX0vLsvp7xREr2h19h9U-K5NKnIKgtIHJ8O_CL3CWbvZ-0jv6EjX797zCGZPADcoMThtXKbbKfF0XQ3Fl61vVDEFC4KnwCBm0J7AWTkpWti6sbtG1SUctWRk_kFl5oE77UEr1fXCMGKVi86qC-ujvuXY3Z0ZW3f5SjSfOipPfFG6OP1I1NNHVu4bt9ltkIuRlLOQ8n_2qU--NXPHXiblgdpi9aMDCr0xtYc4cQussCFOz_OMZiyBc7p2460Qg9-iOqPxuUJ_8OzoL4pmMg6epuQKsKAjeLulm0fk1lutVdBKpAdTUCD76nC9JdizrH-s698UmC8Qq4g7AqiYYxdj6NEhLU0z-lqa6BnDogPdZnI7s4cszQH3nBoT0-ikRdxnGIhU4JlDmJr6ZXj0i2S8rKlzFWwOECCqRDnqnWXTE0MInWnEQnV6LO3Du_rYRRRFhxi5xXafGQ1iXMCPE42l5Pb7-jnSvBZgB14kxG_DxDVHetIpm8MrTp0eReM2Am4VLPGZJ4OR7btcCAxyJ1UjxbCaJTWiR-G6nMOFNStVhX7CA6i19aHsSzrAhMBIzaHuIy5ps6J6gGKlV38cIfP0PCkV4nQBxXALYMhMFbg1370F7aNA3AWZd4mNw1fY1OIG4rjGUPujOFW3T_HXBvnEh9asMzGFCtI12qBYMZ3U_UapDOpDsRZgELZ9VTyJeJ4FqdRFa3NG_oOVLGuRBtalWm8ErfMhp8IG5_3tWWD5BOjLZDhnKSB7sNhWb6KrSCr597RHoS518jNLbV_ZB98oXTJIbhHeOcBAp7GneQMh1h7CaxTOSAWuwLZJL-UKulz7xIlaOiSq06JjWqtkNErJQkpNjX41djvZv4l3V2xRczjskDnxE7UBZ9-Qvwm6bkL28m0_AgYGhhOnIOX9MHlXsrpOz-2s_UcvcVfmMaRlznsEQ6pzRKmiSlj_brB3HHVmhMyKCV2kvINVyZjIEDKyGvcB7xM3x0JlOmLjEy1oqeZ_GDcu3hUPpEupaxwCuR-Z-aexk6QrTSQDYDuc2QeD3JKA9EJJTRaSGbRv_1ntK-894OZeqLPp0Kywmfrp3_05k91g8HQ5ebXU2rgwLpdKY9iWGNY-yPKoV5cdEgzWzKQJHhxdZn3bT_ytx4WhS7uFCq9wLv3NhmG9F8kIZU_vZPJ4R2OBFYsXen3CsJH9qIgTuyngkd01hRw6LxSKjWotMGe-sqXPGKmTjZpYw0DJlK5-6iy6g4b5I8aekxnqJMTorbMchyS9GZ0hg0LORzQCwPaU5FbbPHev3QlA57SxZh11fHaqCuEZ0dM5OSps-9hYXtqHtyZbq7GV6o-oTvyRq0uKLmUl-oyvBKWr3I2AoP-696WJTJw3bFBIMrWzq_No3fZfZrjmABICVX9eO8_qp9vga_oL_Mcu2crkZk4LNs-_u6PQvxvWAmn6Jalfatgex5lBDou7bSvNjPFSeSWzHqnVJlj_5NdVF4_vMAN3uxmHNGg9YPdrk-VKG9bjnxy_bUc-nWLarfByRLolLXzumSlx224UQgcA3txJKJn2S_AcLimVmAcmFr92ijrLNJwZ4AdaqSn5JyKeWvLBU7N3Xkd9E1E5Kro9XNCNuZ1tBXUkovQO-rOGPDKlDt4OY_iVsaQ56mlVQadwQdRWYhVhiBZGUod_NAvdlvLxCwtPnoMCqTnCXY_qYtxaLEGnFAk8gakt-BQ-2pD_YnO15wut_euym4IIPHx5Sfbg_jR1tgnpc94e-mGqjDHFaA8wTCsttSZx0GjStZcC3vvPdb1rVnHJlx1eU32Go9iN-L7hZgSncNtUuEbJYyZHJdyWT3wiw375STV0fmE060E0x7wWcITbXqhhcuiknafSaEU-V3CwUAbmdmxaak-crS5XHC8Yb1VCRAXTwA1PLiV-msuQf7ofI4CcZZPsCcLcLUz4X7410iqHnDC6PJwC3j0lPLArvJKTy5JOQWkbEgxFs4QYF9y-4yHmPFIEsCSb1k6N0R4bhslp5pmwcI21YD8QB83XuslONCppVAzKctxihMQEOeZ4M3EgtTdOerW8b4w7Aoc1kRoAOOYj4bQbfFGeU07QWs9mHeDy83-1807uSc5H0D73yPiP1SKM9DRHFDpu_H2fo3J1oMXaEajEDZOF5QGdpTLnVe0AXmxR5PjbcI82zG-ImrJuOKkdyawSGdNbCRP6Oat2HapkFR2F7ekonpoQANPkLCX9SAwmoDiIDzMcf2-DOUat-6haktsdIBEhLyh_Mf1KiLyHMhBNPqjI-Oxxeg53D6u5UBvdoiohoc0_1OpYM49Fee_Jr-R4DOT0QjU6RCOPUpTWg0ldHD1Q6OywUiDm6Yo4RANUPgCJmf-krmvU5Ru_hI8LKHAsd4HqORT2iEdnMClKlzDaY_O_1dhLyLeFOT1r9AP3P5De92Fhz3_Lp5R6xHfNnAAb0DfCgsGLasjLhGVlXWDYU-Zt88DKHp8h5QNs8N2zxkDxHgUT0DPXcpY_HXkJ_00cgB&cid=CAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 15:35:01 GMT

GET
H/1.1 200
OK 33lgkyejwpt3 Show response
hal9000.redintelligence.net/zone/ Frame E728 11 KB
4 KB 50ms
17ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ade0f15978b054bd4dbedad1dc010c1da67556b9fb91bc552e3d4d75b41ae658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3954
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

102ms
102ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:13:15 GMT
expires: Wed, 20 Apr 2022 06:13:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:13:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B34 35 KB
13 KB 32ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H/1.1

200
OK

request.php Show response
hal900029.redintelligence.net/ Frame E728
Redirect Chain

https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

99ms
74ms

Script
application/x-javascript

88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 7b79f94ed5e26d169ab62b0d9b681962530baf262805a753e2ecfa65be661e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41470700035501804444556011935029
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1098
Expires: Wed, 20 Apr 2022 07:13:15 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 20 Apr 2022 07:13:15 +0200

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 16FB 624 B
297 B 52ms
50ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARju0OWjATAB&v=APEucNXNUh1GwGb4fQLvrruDArcRTO1hIEA4hp9YLV92Re-xwzrP3zcqNXClCiv-WS9MtORDPd3jYg_kIjdzhrqGNXze_9TP1XxFWclDfi-ebZFCw_xOBDkFA7OJnn6he9-nsk5GlVsdKwQ_vfj_FmXVsRUjpyv1iUyMdEdNMqGAzIFmWsvf8QA

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A064 27 KB
16 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL-4bDq-UOMhPW--bCxQ_wrcY4r_c4daldyaAVZ8g0JRgJVWLIl4DPupeimVd0lSuZ5qEKej1kaw4RxIIEXI0L7eSQD6aF7tgPV0p5R57gn6XHa62_fH4MCI0QuMBxZ6YoHWKQl1Io-xLlclJL6T6nmkpeNA&cry=1&dbm_d=AKAmf-CiySug64c_Su_44Y-NBbELjBFv6bvxFCbsKrV1jiLKH7lXmDhOvnmRKUmH_qiSVY6GWh_88voEWdIBupiHrUX8xMDtt65ppydRgRJaojIdq5o80raggH2PSGSZn_bTRI-0NPHPNeYsATUhVerC4LniedRSaEBeCaikl9oCoFPoX1sdQNZtKbGYupqhooiSr7sLujCHITfioRTy2BHhOjAg9FKWk3DAlJjUoxE1VONW37zOjQLJi7wzEqOUdYXwT3hOK3tgWl_f4OLmCeknNLzKioRMduTHWHxKRsL5l8g-Rs3R2ypBADNlJt7R_bucqxcew2qEzBbBbbkAbzIlxwDHpl10PLIBbv_I4pxyQaqZfQRc7fAcEme2bcVM5oXD2VSG1ft2B1aQwrKuqLtdTK6OMvLEHqL1AlgLbnZkLriLmjPre6gQqT8nhTBoRD3_HUJpZMe8apdkxadYLlnILZxjuedp1Rlz7SmZHT8I7WQMcuhL8T-pKCm5ud8Ukh21vLKo-QmZ2Pa4WTVdQlGki8eJRaZz54prLuaKahyaiXBgRGW5-RtKFe8wmpD3H5H89FAR9-QRssNfHPTU4m1pqDvzp9asIeOv5hqCajQsyheU1sYpmG1pldRu3eCiY0zmYsnpbf4bQI8SlCDJbZI147a-02EkXCtEy-75fypuFtgrb_JZ6Kcv5VZSbV8N2HzzT9EIfJ25Pmz6KyewvGF9dtUj8rUg-ImsKgzrvvlIyBQT645B1bT5bi7CaBdim9Ma1kkRyhrsKE85AyjDc9DkaI5G8tp2c_c-C2dedWwWei41O-dfY10kjc7P9ZzxtbHb4HrZzdMnxuvoHedqMiBcBCe42IBddksNWyN9__U_b_PMpvxi_py_V4VxmU4K0P-ivJ9AtBnDfvooPEXHV1Q_ehhOIlcvWXrrSL-lVAMSx996FIMFywQXZDvx2CXMpSk6LqNHMKFgNGSSH_N4W6ZMWlc1ba_tIOk5T_bf9ZA4sPrQV-qYjZ6IqUjdVW8YOXeKP2yMDVjXJiVL3rnNM8Nf-v-IH17zCY_hhf2cCHI3zcuNx_sZolcaFopJFXI61PyQX-PagFWMGs_mJpqrVIfh1MXtGEA5Gngew27JgE8gYOM4Rh-691q8TsK0gdlIOFbV9btXm-6o1jG8wo4TpKXm4EG4MMkdlsqZB4gpK83q5wPvZ2TM0GpnhRgCP473ST1SpQytkZp6HXzB8Vjl3Pn7r6kG1zpWBTWdjZcYbyVOxd7C0tycqe7D-yGeeP_iij2uEWUgWetlIhhUECWYOhXZsvMwlgRd3zMd9tcVBdaaxj6b_mHngYdWD-vMDRKmCIodVLIAt24J02i-3ejkBOo-7EK7sk9pHpgWE8HETTFk2YHROgWwZFwqj6venmhTYte2azu_-7f59yjQ3dBFoiWqavHtGdO-GDvN1a7EMI0WPKs2rZSq74MeBSGoQIYsUN-kXaNtu1VlJ7qiawBgEl8TInypuw7VT3um6OkiGYtT8DjjsdwFBSUPnaXRfBEd55Ja6fCGRLFEaFtbOR4u99MzrZVtsNo9O1hAXJccrTbQfh7FIO3squhN1EdEaWb8nN5cXsR2dUHTuxqu-FzMzEt5X37nTJtQQap4ZDWcjRy7w9XnRtjOdnTD3juGBj7Xn418IAq79m6dYSP1B1q_SgX9Q9yINAqWgMn3V22M4PtMoAhjeL7KTO-I6e42zNDiAnusuUZl7zCwoyj7GYBKro1jA-F8SjBLClh-oAj_X2kKqSaQ35VmWdIgCnuJoZq4tSQ_VPFZqxUCoj2II6TnJ6aY1v0cbLWqghKnbb6SfxuLH9qJeM54Hay0VNafyWbDRAUm0mlXKYfWFQDEZ2lcebS8cw8nnCPNl_N-dOZ71ktBPaAHS-017KyHGG8b5NnL504rBFuGEyvl_F8Uw8EEUZfTtadAl9u5fnCuKL6jEXah6350ctOyDiOmL-AQ2cnEI7aKq8vBC7vstxaSUxXKXVs1Ejz2FsCcq0HMln7GqU9zXyLviErYkZRKONyl_ISpPA3d9dwRzKp-2l5J9h92do1dWXNGR3hjut6gi3DFyo_nE-GaSGdkN1UJBu5ZgZfqLG-jKA0dw5wcw-wkAd_6uK3DGJK-kq2ID4QtV-o11ELLY6Wend4HqPQ8gHa0ooqMLRIKVax-NFUVDNeUSu9pf2k5in77bMJRrHKnEoCzUZFQq8RAWVXis6oK2tk90ZGeChP1egaeuWMUV5TfAFRAdwJBHcKz8clE4HQRDjj9X9O8orobt04fczEfFe9793bW0T_U3hFBJqGfNcXKwXcmzv117ayBIsdFjNUtVctKrOavGXTxSbHcF_bW1XKig_P5zthmJRCI83vgkQcHvuCZP2-T3LZYu3wn6-TaKCYbaWhlPwifRx4hzF_EkX_deZgGc8vsB1hbt0eeYQctsHBlDuUquYk4EqWim4XnjDgIQQqN3Yv_98XUndkp7KGzaTjz-IaQE1LbAkEMixuf9ORuHJv0NVMQkyaiVP5yeOxMX8IjF-otSRoCK8r8jXfnd_3A4Mk4FjImN42HtWQo3605qI6aWS1mEX1AS_NrUqMYZy9bS6vc-s-qE4qp4nivz_gnngWLin_HqUrUnIDj6NGAtDrJPf_aGKbOFo4elfaqHXyuBgTO9aGYddgG3GwWBxdk2HZ6PVKBlB7GrviWUUclF7EADptlvKUbLgkrNcgwJ3UB01-JnKDjY4gMqbS8cXUwnwRUEN4NJruF04Zn7ZBYAR1EpHBUS98cAA5ui5dWwreOnBzWXbM6Mm1601yHVSyvNJH2rsDsZ0n7TMQWeCwMh3KYJOmrebebei6YD6IqXncTWDXMHG83qy0jT-teaNidGY2QuBPPAHwv1lH1N2SWR9MQ6ersymfEmeVdQWGhiwhkRRoCEgTkdnDBfFwOSVqkBOqPVX-AwbyOlesD9hGdVegtBqpnCoKzLt83_EmKEJBjcbKRHvlNqQ2RF09EslFE4ije5ZA9kYxDluqNd04tJ04hA45L74q5m4HfYXHCKQB4E2jB68UIGkIlNSBIraAF9oQjtj7nLTe0f2XKh2C4YV6BPc9WncERfOaNC1loT7vYVmf76JLmYczDDWMAfe6UG9wBCceC-qyt7KeDzrxbE5O0Eu98GZkxsOYtHOmbg3abivq--4OCvt-VuBw4jNJa1PWPfBQP_HubtIHMAWx4ZHfAQV2bvZ8NMi2TnJ1JCJxds295MJ2XhsuXSzBFaP6wXPrX6WKlKW6zrsPRmSV5RZYTAw-tFsbjFw0O3422MnwHbsfZ39DpVZjFjYnvp5SwUs_OeoIbaQpBnX-2vDpNLzHEArW87p2Asm0Y9IbJmi_o9METVuC2yWTkufsVXO4zcYhrvUhs_bz4grWwDzVITVEE-9b_oyBAZ7-2HLbdnlrSdYKMjUzQS1Xx-vQckkTWRKC74SoIFqn8nyCOSL-kIgsaa_oZoZBZIJtwPfeD7jyYlMpdYqlSWypOqopKa6PfnLRcoVwIH_K8coULCx9mHoZJZMADHSqsnZFWk5bCZzxJpr6es2GoEMHxsGMvvpjlG_lXvFT6Poh8&cid=CAASKORo4TtuSKQIxlrYLkct60AsnkhIyJ-yXZqZ6i8c8QZsTHgh277lrpU&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e399438f3531f6da51f8e4413c6c17bdd4fe6d604bdce158139bfdf53f0b5352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A064 42 B
63 B 71ms
71ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv6zt0L9dsrQNZ1jyz-3-0mgEGTR8Djxu7EW2z3ePfx_1zaBs8KhjkYRkTfGOqrKtEH9wJIhUV6yvRn0sFPhv2CjK7kzK5P7QbnP-poLl8Gc5kzg8

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A064 2 KB
1 KB 45ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115825&plc=4259933&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grW8QvQeKn1msGNAZUxSi-&DVP_DBM_1=3060631&DVP_DBM_2=11927003&DVP_DBM_3=32488360&DVP_DBM_4=343500910&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=40424209140&turl=https://www.elmaelma.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 08:39:57 GMT
Server: Microsoft-IIS/10.0
ETag: "978bff5b4ad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A064 8 KB
4 KB 45ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grW8QvQeKn1msGNAZUxSi-&DVP_DBM_1=3060631&DVP_DBM_2=11927003&DVP_DBM_3=32488360&DVP_DBM_4=343500910&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=40424209140&turl=https://www.elmaelma.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e040abc8881449b2e354cdb341cbf7eaf455ca22af1b4c0458aa469adb1e5a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2022 13:31:39 GMT
Server: Microsoft-IIS/10.0
ETag: "802fda22853d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3301

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame A064 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:05:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A064 119 KB
36 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame A064 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A064 0
0 47ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3z0rkaDj8motsBIDxnEtwkjAuTJEtwxwV9tUgY3iMtHhA8V0Seha-qWXdbuXGZ4vSku2xzDKeLsGgdaGBqhdQYZDAcA
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 259B 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 15:35:01 GMT
expires: Wed, 19 Apr 2023 15:35:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 16FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARju0OWjATAB&v=APEucNXNUh1GwGb4fQLvrruDArcRTO1hIEA4hp9YLV92Re-xwzrP3zcqNXClCiv-WS9MtORDPd3jYg_kIjdzhrqGNXze_9TP1XxFWclDfi-ebZFCw_xOBDkFA7OJnn6he9-nsk5GlVsdKwQ_vfj_FmXVsRUjpyv1iUyMdEdNMqGAzIFmWsvf8QA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 16FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.kevdrwnUbK1bL3j0mCAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2

43 B
894 B

14ms
14ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARju0OWjATAB&v=APEucNXNUh1GwGb4fQLvrruDArcRTO1hIEA4hp9YLV92Re-xwzrP3zcqNXClCiv-WS9MtORDPd3jYg_kIjdzhrqGNXze_9TP1XxFWclDfi-ebZFCw_xOBDkFA7OJnn6he9-nsk5GlVsdKwQ_vfj_FmXVsRUjpyv1iUyMdEdNMqGAzIFmWsvf8QA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:15 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBWMQ-E95B_-hZZrzKmuftc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 16FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

43 B
1020 B

42ms
17ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARju0OWjATAB&v=APEucNXNUh1GwGb4fQLvrruDArcRTO1hIEA4hp9YLV92Re-xwzrP3zcqNXClCiv-WS9MtORDPd3jYg_kIjdzhrqGNXze_9TP1XxFWclDfi-ebZFCw_xOBDkFA7OJnn6he9-nsk5GlVsdKwQ_vfj_FmXVsRUjpyv1iUyMdEdNMqGAzIFmWsvf8QA

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 39e98439-37f6-4d83-ac27-367314f5e246
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE5eutSxmKnYwZYSHnYGJqU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16FB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 67127a4e-4a37-429d-ac27-3daf25acd3ef
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjY4MzcxOTYyNzExMzE3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8495 0
20 B 69ms
68ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf1i0eqRfYoOJNI2ygQfF9regDAAAAAA4AeAEAg&bg=!BwSlBEDNAAZvJBiFTyQ7ACkAdvg8WgMKjBlJsnwzf7OOkp9gof4Ngg67zRH251ZYGT8AMa3Ze3422wIAAAEZUgAAAAJoAQcKAHEOR76cmoPbOjVYxpz4rWZP-kFaWGgq0B5Q_LylzpiJTWevmMpZNLWqjJJcYlywintix10H6CjZ9HV-cC3Rz1559fbQrLo7KPKMxERMDfXct3jYUcqIa59yXDo8ny0S2nFnk2fx40fjxpo477PhbHoCWJkC9G-oNb4xdz5SMwSEW-h8LV0IbUwhENzZKa4_nyZp6jz_4UEku8YqiY0wuCgzC9ah0XlbXCke8yp_SyvhRd7WG_uqF7RNnt3J7ZQzWo4neuMbKiY9ArYYujEzT_pXkbw3dS1FRb_COFT28lwque8ZoEHNq7bfsxoN_ZftMLSB2qR1RVHAsRts7XgctPb9uRAahxOIuGKs5KMrx3DFR-ANX2Ucge-8XhZYpGv1h1iUsp7_CUXcl5PQln1oVHlVUM1SFppxE0EhGPfu9lzgzAQDmNoxyPbJ3uJwg9rojtq7bD1mp_8HUTxIQ4Hl-Xj7zfeb1zEAeckROmkq0Z6v_lmnbEmAkECprTql2nWMPWGSumqhH5bOs-B27WMALf7kxL3GCnS2SPzGa5qgTgi9j6miHdQTHCWHP15hKdEjOAksZX-zwx2QNYQxfoRnZitmZMi16gU5Yo4abxk77Gpkt33z1TZIGt-n2sMKMvQ8_GcAJlL6sXcb1LVxRFYq10ImnavgflsZDAw0LbJahg_oXyc7Ui2WgU4hEx0V7cvFrfBCmx1OO9cWQhBcedRSZP2z1-TZxGkDTHU1BkF9tDez-mnKhZOpdVHTudlET473Bm5fqL29lIwTCAPnbNccZYSRpJ1deCn0w3Dt5XpSh8Mrtd7VYUwf0AbDcnbMyF7_N3Y_aXN59UGUG69wtlYuExxujeanaK5TNCt7os_ANnVtuCWc2TkJhDHSxQrK51V-B3Zx71WriWQ8Dm_08mam9axK1qW0TRNuuCsU1KXfxGL9DOcKqR6D5ow2dXcPQMvTwyrHj1IU3Sj_pF0PsS3coMGbqYbxkpULkVh4wMWIZ8YaW5pc-fRT-n8Bd-nBpO4-pK5CGGyRRFl5pMMO7OApXejrQJEIOmD5wxppJp7g1CV97NF_Q1ksni3qTndAXWV8sdj2JOCiYZOTCCTRkkjHTedAr8pBmSnuNmpjSJK254b9Kc_KhY-ZeuUPZPgbg570A-FCpSUJYqelgg

Requested by

Host: www.elmaelma.com
URL: https://www.elmaelma.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame A064 25 KB
10 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL-4bDq-UOMhPW--bCxQ_wrcY4r_c4daldyaAVZ8g0JRgJVWLIl4DPupeimVd0lSuZ5qEKej1kaw4RxIIEXI0L7eSQD6aF7tgPV0p5R57gn6XHa62_fH4MCI0QuMBxZ6YoHWKQl1Io-xLlclJL6T6nmkpeNA&cry=1&dbm_d=AKAmf-CiySug64c_Su_44Y-NBbELjBFv6bvxFCbsKrV1jiLKH7lXmDhOvnmRKUmH_qiSVY6GWh_88voEWdIBupiHrUX8xMDtt65ppydRgRJaojIdq5o80raggH2PSGSZn_bTRI-0NPHPNeYsATUhVerC4LniedRSaEBeCaikl9oCoFPoX1sdQNZtKbGYupqhooiSr7sLujCHITfioRTy2BHhOjAg9FKWk3DAlJjUoxE1VONW37zOjQLJi7wzEqOUdYXwT3hOK3tgWl_f4OLmCeknNLzKioRMduTHWHxKRsL5l8g-Rs3R2ypBADNlJt7R_bucqxcew2qEzBbBbbkAbzIlxwDHpl10PLIBbv_I4pxyQaqZfQRc7fAcEme2bcVM5oXD2VSG1ft2B1aQwrKuqLtdTK6OMvLEHqL1AlgLbnZkLriLmjPre6gQqT8nhTBoRD3_HUJpZMe8apdkxadYLlnILZxjuedp1Rlz7SmZHT8I7WQMcuhL8T-pKCm5ud8Ukh21vLKo-QmZ2Pa4WTVdQlGki8eJRaZz54prLuaKahyaiXBgRGW5-RtKFe8wmpD3H5H89FAR9-QRssNfHPTU4m1pqDvzp9asIeOv5hqCajQsyheU1sYpmG1pldRu3eCiY0zmYsnpbf4bQI8SlCDJbZI147a-02EkXCtEy-75fypuFtgrb_JZ6Kcv5VZSbV8N2HzzT9EIfJ25Pmz6KyewvGF9dtUj8rUg-ImsKgzrvvlIyBQT645B1bT5bi7CaBdim9Ma1kkRyhrsKE85AyjDc9DkaI5G8tp2c_c-C2dedWwWei41O-dfY10kjc7P9ZzxtbHb4HrZzdMnxuvoHedqMiBcBCe42IBddksNWyN9__U_b_PMpvxi_py_V4VxmU4K0P-ivJ9AtBnDfvooPEXHV1Q_ehhOIlcvWXrrSL-lVAMSx996FIMFywQXZDvx2CXMpSk6LqNHMKFgNGSSH_N4W6ZMWlc1ba_tIOk5T_bf9ZA4sPrQV-qYjZ6IqUjdVW8YOXeKP2yMDVjXJiVL3rnNM8Nf-v-IH17zCY_hhf2cCHI3zcuNx_sZolcaFopJFXI61PyQX-PagFWMGs_mJpqrVIfh1MXtGEA5Gngew27JgE8gYOM4Rh-691q8TsK0gdlIOFbV9btXm-6o1jG8wo4TpKXm4EG4MMkdlsqZB4gpK83q5wPvZ2TM0GpnhRgCP473ST1SpQytkZp6HXzB8Vjl3Pn7r6kG1zpWBTWdjZcYbyVOxd7C0tycqe7D-yGeeP_iij2uEWUgWetlIhhUECWYOhXZsvMwlgRd3zMd9tcVBdaaxj6b_mHngYdWD-vMDRKmCIodVLIAt24J02i-3ejkBOo-7EK7sk9pHpgWE8HETTFk2YHROgWwZFwqj6venmhTYte2azu_-7f59yjQ3dBFoiWqavHtGdO-GDvN1a7EMI0WPKs2rZSq74MeBSGoQIYsUN-kXaNtu1VlJ7qiawBgEl8TInypuw7VT3um6OkiGYtT8DjjsdwFBSUPnaXRfBEd55Ja6fCGRLFEaFtbOR4u99MzrZVtsNo9O1hAXJccrTbQfh7FIO3squhN1EdEaWb8nN5cXsR2dUHTuxqu-FzMzEt5X37nTJtQQap4ZDWcjRy7w9XnRtjOdnTD3juGBj7Xn418IAq79m6dYSP1B1q_SgX9Q9yINAqWgMn3V22M4PtMoAhjeL7KTO-I6e42zNDiAnusuUZl7zCwoyj7GYBKro1jA-F8SjBLClh-oAj_X2kKqSaQ35VmWdIgCnuJoZq4tSQ_VPFZqxUCoj2II6TnJ6aY1v0cbLWqghKnbb6SfxuLH9qJeM54Hay0VNafyWbDRAUm0mlXKYfWFQDEZ2lcebS8cw8nnCPNl_N-dOZ71ktBPaAHS-017KyHGG8b5NnL504rBFuGEyvl_F8Uw8EEUZfTtadAl9u5fnCuKL6jEXah6350ctOyDiOmL-AQ2cnEI7aKq8vBC7vstxaSUxXKXVs1Ejz2FsCcq0HMln7GqU9zXyLviErYkZRKONyl_ISpPA3d9dwRzKp-2l5J9h92do1dWXNGR3hjut6gi3DFyo_nE-GaSGdkN1UJBu5ZgZfqLG-jKA0dw5wcw-wkAd_6uK3DGJK-kq2ID4QtV-o11ELLY6Wend4HqPQ8gHa0ooqMLRIKVax-NFUVDNeUSu9pf2k5in77bMJRrHKnEoCzUZFQq8RAWVXis6oK2tk90ZGeChP1egaeuWMUV5TfAFRAdwJBHcKz8clE4HQRDjj9X9O8orobt04fczEfFe9793bW0T_U3hFBJqGfNcXKwXcmzv117ayBIsdFjNUtVctKrOavGXTxSbHcF_bW1XKig_P5zthmJRCI83vgkQcHvuCZP2-T3LZYu3wn6-TaKCYbaWhlPwifRx4hzF_EkX_deZgGc8vsB1hbt0eeYQctsHBlDuUquYk4EqWim4XnjDgIQQqN3Yv_98XUndkp7KGzaTjz-IaQE1LbAkEMixuf9ORuHJv0NVMQkyaiVP5yeOxMX8IjF-otSRoCK8r8jXfnd_3A4Mk4FjImN42HtWQo3605qI6aWS1mEX1AS_NrUqMYZy9bS6vc-s-qE4qp4nivz_gnngWLin_HqUrUnIDj6NGAtDrJPf_aGKbOFo4elfaqHXyuBgTO9aGYddgG3GwWBxdk2HZ6PVKBlB7GrviWUUclF7EADptlvKUbLgkrNcgwJ3UB01-JnKDjY4gMqbS8cXUwnwRUEN4NJruF04Zn7ZBYAR1EpHBUS98cAA5ui5dWwreOnBzWXbM6Mm1601yHVSyvNJH2rsDsZ0n7TMQWeCwMh3KYJOmrebebei6YD6IqXncTWDXMHG83qy0jT-teaNidGY2QuBPPAHwv1lH1N2SWR9MQ6ersymfEmeVdQWGhiwhkRRoCEgTkdnDBfFwOSVqkBOqPVX-AwbyOlesD9hGdVegtBqpnCoKzLt83_EmKEJBjcbKRHvlNqQ2RF09EslFE4ije5ZA9kYxDluqNd04tJ04hA45L74q5m4HfYXHCKQB4E2jB68UIGkIlNSBIraAF9oQjtj7nLTe0f2XKh2C4YV6BPc9WncERfOaNC1loT7vYVmf76JLmYczDDWMAfe6UG9wBCceC-qyt7KeDzrxbE5O0Eu98GZkxsOYtHOmbg3abivq--4OCvt-VuBw4jNJa1PWPfBQP_HubtIHMAWx4ZHfAQV2bvZ8NMi2TnJ1JCJxds295MJ2XhsuXSzBFaP6wXPrX6WKlKW6zrsPRmSV5RZYTAw-tFsbjFw0O3422MnwHbsfZ39DpVZjFjYnvp5SwUs_OeoIbaQpBnX-2vDpNLzHEArW87p2Asm0Y9IbJmi_o9METVuC2yWTkufsVXO4zcYhrvUhs_bz4grWwDzVITVEE-9b_oyBAZ7-2HLbdnlrSdYKMjUzQS1Xx-vQckkTWRKC74SoIFqn8nyCOSL-kIgsaa_oZoZBZIJtwPfeD7jyYlMpdYqlSWypOqopKa6PfnLRcoVwIH_K8coULCx9mHoZJZMADHSqsnZFWk5bCZzxJpr6es2GoEMHxsGMvvpjlG_lXvFT6Poh8&cid=CAASKORo4TtuSKQIxlrYLkct60AsnkhIyJ-yXZqZ6i8c8QZsTHgh277lrpU&rfl=1%2Chttps%253A%252F%252Fwww.elmaelma.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A064 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 15:35:01 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 259B 35 KB
13 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H/1.1 200
OK dvbs_src_internal102.js Show response
cdn.doubleverify.com/ Frame A064 55 KB
18 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115825&plc=4259933&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grW8QvQeKn1msGNAZUxSi-&DVP_DBM_1=3060631&DVP_DBM_2=11927003&DVP_DBM_3=32488360&DVP_DBM_4=343500910&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=40424209140&turl=https://www.elmaelma.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 09:23:34 GMT
Server: Microsoft-IIS/10.0
ETag: "06fa3a94e43d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18094

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7188 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 15:35:01 GMT
expires: Wed, 19 Apr 2023 15:35:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A064 2 KB
1 KB 106ms
30ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_664114948746&jsTagObjCallback=__tagObject_callback_664114948746&num=6&ctx=1828362&cmp=115825&plc=4259933&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=664114948746&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=100&bridua=3&dup=null&turl=https://www.elmaelma.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grW8QvQeKn1msGNAZUxSi-&DVP_DBM_1=3060631&DVP_DBM_2=11927003&DVP_DBM_3=32488360&DVP_DBM_4=343500910&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=40424209140&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D6%3D%3E26%3D%3E2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D6%3D%3E26%3D%3E2%5D4%40%3ETar9EEADTbpTauTau6bgg24376c%60gg_gfd62%6027bd562g43%60a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.70&callbackName=__verify_callback_664114948746
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 86e02ee45858d711e51c8d71f286f5ec40f083a19d21ceac6b754be88ad15c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 04/19/2022 06:13:15

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame CF66
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=41470700035501804444556011935029&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41470700035501804444556011935029&actionid=981741&produktid=&dt_url=

0
629 B

83ms
36ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41470700035501804444556011935029&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 06:13:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 20 Apr 2022 08:13:15 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 20 Apr 2022 06:13:15 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41470700035501804444556011935029&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B9D59BA3:AB66_91EFC182:01BB_625FA47B_209BE6B1:7DE2

GET
H2 200 / Show response
adv.office-partner.de/ Frame 30C1 930 B
931 B 45ms
8ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 20 Apr 2022 06:13:15 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 27 Apr 2022 06:13:15 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame E728 1 KB
2 KB 233ms
132ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=41470700035501804444556011935029&nw=1
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d5d1816df01957dc870c3d99d8713531cf14eb6be803b9698c0130fb87da13df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Last-Modified: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900029.redintelligence.net/ Frame 681E 7 KB
2 KB 38ms
15ms Document
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=45f2344cfc&subid=&uid=53942760ecf0ddeb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSsOveqRfYpDQONPhx_AP95usmAOm5b2gaZ2cnKfJD_AuEAEgwY_BH2CV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTxAU_Q9xpK5LgtqHJWpwFlopxtRsGM4ORFi5v9GZFjNVdmCBwyYD39xOBfSpPpRaB7ae28JU1cWN688rtgiM-6j2pQvDvvtkRl5zDLXouT_NZVOfyblfmJh230OSINLqBzxPYTa13CB2OMswNWW8DgbsnVNvGRswKDXE58H3h-Rs3pK8jH3VOYuAxRjpH6WXAhkqE2ieNKsqsZfBBi-355HvbeUmXE5t4NcIqKII1edUSCWg_PX_6RVy-1tSXni0Kb9zmdnR8iO8N9LNJyMqvBuaQgLrVsZHYQ1qMKUve0rMeJPIOIVvpTQHevpUOcG2_nlqLABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt%26sig%3DAOD64_0UgEsGJdRE1rFPaDlwiDbWL2rNrQ%26client%3Dca-pub-9612539386533291%26dbm_c%3DAKAmf-DSRihzZOqeS3pcrDWJd1sUQxGFUcKALp87SFjGJ82fS_MOJt7PGHPAM8Sxgb7nYplmh94DKN5Xe3faryMe_AEANdhQuYjfQJiFTFNlI6oSd9kuWZzxa3BvX_U2mdk1QjcxWbv62kGcjuPSv5KSyMcCOZz2Vg%26cry%3D1%26dbm_d%3DAKAmf-BvgH2H_E7rssyr3Os01haY5mRCV6WMkqoqCY89bImeTZxQRDx-TgG5RrhjsOfh68SAan5aAuDyJqx1HhZHyWWo3LaK63UNk98yqBQnPJPsQ3ps7C8bH4eThnO9uxOAudRrxMBtkrC30uPwVdigHrf1DB3YljOE6x8WuJKcVCIaFUyB5pR2SZZ6XY9nfDsjGdNGshXoES4aYESEx3HgBi-O8o1OG9mz9eQfPJc4Lr2aFivchTkFfx3aTM9cljW4VLauI5je6Csbp273kLT8xyynLELdNVQXxA9BGtFZ3CwrGd4TgozW6GxlVTHLw6kMZBNDZezvmrOnQvq-53RJXghZC7VojOwqI_4GJAXYaMX21wVnjkzUGZCmezITzXDL3lar2yidGjn4R0CkWYUqXEebhiS7q2_K2TifayrtI3Z7czHKSGS7MXrDzuCeiEiMOH96Hy77p878_EQc89FEWc5OlTQEjg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.elmaelma.com%2F&ancestorOrigins=https%3A%2F%2Fwww.elmaelma.com&random=931493352804&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9194551dde63946300d3ffbabf8be9e63e1e6b1c06dbd491430487f320c24daa

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2036
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Apr 2022 06:13:15 GMT
Expires: Wed, 20 Apr 2022 07:13:15 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame E728
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=41470700035501804444556011935029
https://ad-server.eu/wm/pb/native.png

68 B
312 B

158ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:18:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA3:AB68_91EFC182:01BB_625FA47B_20A13D9A:7DE1
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E728 43 B
702 B 65ms
33ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=41470700035501804444556011935029&pv=1

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame E728 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22aa9b03b094c927a642a6b73adb4f6eac74a6910536983f917c79536d1ba7ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7188 35 KB
13 KB 33ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 681E 4 KB
649 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 05:06:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 681E 25 KB
25 KB 130ms
107ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8971c018bd83da546df7495cdfe681c69fcfde0b523103c0dda255a0ca97e97d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25412
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 681E 27 KB
27 KB 100ms
78ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dd2ba09ffbedc1bac695601758ca3c95cf68fb5a90f9e4596651938f4fd9602f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27287
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 681E 25 KB
25 KB 105ms
81ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5e021f1c27a1e0cd8c0c5514101bc1db299f9d64af34d401bdbb2290d55cbcba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25849
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 30C1 87 KB
34 KB 135ms
47ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73908edc998f78ed24aafcc1605d0cce5580aa6efa725ab66ed2568e7e42bac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34110
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:15 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A064 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8dbb6ce75623f0ad406fde606d85b94e9e372430a862531ef17cb1f4eb04e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9368
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 15:20:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:38:43 GMT

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame 681E 0
150 B 34ms
12ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=41470700035501804444556011935029&a=b1a341cd&vb=m
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 681E 13 KB
13 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900029.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 562146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 18:04:09 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 681E 13 KB
13 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900029.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 562185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 18:03:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259B 0
20 B 68ms
68ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLYm6e6RfYub0D46IrATFrbTADAAAAAA4AeAEAg&bg=!GxilGFzNAAZvJBiFTyQ7ACkAdvg8WmvOOmdhrhyGPmbdI9y5sEOdlUWWTWUGo5OZyz4nRTGElv_lKwIAAACfUgAAAAJoAQcKACIjcDcOYZiY9GHjcKojw6DcbuMyZCwmLa-O5lr1AlfMPUYqmQLxtfXZGPtvKOuAn45gF-JgrHSjMdLqXhqlUsYYfg-WcPNueK49xut7fDHbC1nCdwU0fjWnnYAHn83aaFhV5PKrTgJuXiGmm521cJeudqucfqvJXRgld21Ng8fVV35JfjtRBygRAxueYdzoYorzWF__VN52QqjsncPjzd2ho8c0GN5VtJ0TKrsXC44KvwmhYvuvXZPBwL7jXcmMFrXT7jry1PqN7w3f7vH5N-zTKS-ekAsX_hTQJwOX4AiKuVSgkf6gd3E-ugb37fxH58ce1L9T5bRFD3Fv1GBlEHtl5dVa_xrBAhVrrDQHtyrVcKfh3BL9S9k0ovaqjeGj0RsaXyGMa01VZCTE2pRln6Ds2y8opdhrfNVuRJirGLN9GWzR5pl0exueXLVuplXu3PvICAHwuZ0CmObTt4jUpjRANCaYtHQhAnITe--4fEpg_09OCQGzbMTuSJHD2k2IeEzCxMSV-OM3Nz74HrxYtocIdIfy5z349WFfBNm24aiIC4AibEyaLs3kKbbCR1sve9WsAc5HN9vznqe5ynwSq6eBxycsqIm4LTxaeW2MF2GCyzwv0RK6kjCU28gy0rOShIfy-1_25vcj5KJDK7EDtBLEZ2D7ayoFRmVsXy7FfZVqw18O8cm0avX5kjFwKsce9E2MlbosJQsAJ9NAdpUUbLwULzL4mUPDb56IKsE-6WuSxv29c8SRYx52yQCVEARKIf_rFRkf9P2Fp_AE_tMH0ztEM36OqzfG6DIrabZ1m04D6lHVVju7emPB84sXuKWaRD2fQOhYgFEJRAm9zDIxxoF2rNAdqdf656swJ5XHEBCAyHHBdYtC0qKKXCmwS10dei-xjZJ3crDE_JLC-MqPbyvrYMjEdMkEiqyPZKJOpIA7g0AAbCBWjZ6YD01x_BlNlcP8HfLBAZInBUgGWo2nBt4fFe3wNMYtYuRKrHm--UTTj_iueb4iB8Sr6Vz6c-itkI-Bhg59SNG8wc-dwt8ew8yrVqJt56pu

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v86.js Show response
www.googletagservices.com/dcm/ Frame A064 54 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v86.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 16:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 16:38:44 GMT

GET
H2 200 B9689862.280626343;dc_ver=86.253;sz=160x600;u_sd=1;dc_adk=2086295856;ord=gbl7dk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.elmaelma.com%2F$0;xdt=1;crlt... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 81CC 45 KB
23 KB 160ms
72ms Document
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=86.253;sz=160x600;u_sd=1;dc_adk=2086295856;ord=gbl7dk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.elmaelma.com%2F$0;xdt=1;crlt=f8ThgUORXR;stc=1;sttr=52;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v86.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

6072b4ce659888c19735ddfbd4814352315cfd37b6a26e9ba0f0bd53390404e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 22721
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements2609.js Show response
cdn.doubleverify.com/ Frame 7A92 528 KB
98 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2609.js
Requested by: Host: www.elmaelma.com
URL: https://www.elmaelma.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 716cc749f6da9c8fb09ad2e9847e558f836ed0b26fd4bd4e2ca4dc4923f0b79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2022 11:03:27 GMT
Server: Microsoft-IIS/10.0
ETag: "80a91ee1353d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99752

GET
DATA 200
OK truncated
/ Frame A064 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d5d94934d8ca9efc4714b0ac9d55bc5ac66be7441f091b79eebfcbf2c423a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7188 0
20 B 68ms
67ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQmXne6RfYs-4G4SG9u8Pp7-g2AwAAAAAOAHgBAI&bg=!TE-lTwvNAAZvJBiFTyQ7ACkAdvg8WsWlkRXBOqc76lLlrXLS5F3fBrJvX3g6RYyUHWlBFnqBKIVBDAIAAAB4UgAAAAVoAQeZAugzPEpJMjouehnt6tTL40eF3BoPQQmfWETKUxfcWPSvE_wnGIp2Yp01gZFuxevY3FbLZ3PVlHyZtqswCjQvBBYgx9RklCrr7gkNVQfKIPFnFioCb8bE5P95ixR52WQF-66kAXKb0i4tMgb6X4-m4W3HOjThyggd1JB9MnqF2xcrC6J-Rg2oShOKtwmOvtwKtNzzpOspJFPLyOalOsBdPzXDUjZHMHK4ela23PgvbOS-v-CnUOnyavm692W9rTm3jS8xGKsr_A6OIt04nTsqvFtuxwfJVt69KwwPuJCFo9AxX34E-id8ync31R2f7Z7MQtz8yh9xumdOWww1VkjDRr0QvPowi-Akzyw8cz9hlwEVKfCWN8MMsLLYOToRIFC6KfZ2JzI2c8iJot62fjn45OgBhCsDjQCRV6wdGLBvWMqU58qKHiOM7xvumEyrZBzHScon_buSh1T-p33jPThw0qMNDBYVJo_5ReGyMsg9SxHxjbuFpMW_KoO5JYlv30XF8jAbo3TjcRnEbpj7oCA1uOPMMPob5MkhNYTwT7andcmuLhUtkOaRBYVv2i6ba2QyKUEkSwWJDNhyHSdJHUbYAtdC8Ga8JaM8SytAD_LBYbLwx_97nbRjlRJ5cOxpWG7sHLxWfBygnc4V9rdKrbw5mvMImqeT60BW4r5D_FXfzbQ_yeP8Y2-tixEuaobXQ0cZ8UcCWptVHsJkTcVbR_YxrE0HPwOUER3JTreuHyiq6XwEXyxj3vpvGhpopKNsmdQNSjUtSIANS8w82Xgcugsh-wsJsg8og1amM78_ErnFw9JqEVSzVY_d8ojMuTkoPL4Ufn0aJ7vkpZ1T0J4CYs7LBYFAKiply5n3gEaBhLaStAYjsHXd9jx246fAjhVt5ct5_JcE4ixjsEXnxtWackVPIzGMaQwQpmVeEOpWBqwyZqqQEJIAx1q4uDfWIMRrZ56BmkTRG_HG-dks6j27zxpIF1MkatsYQpxa408

Requested by

Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E728 51 KB
51 KB 62ms
8ms Script
application/javascript 143.204.201.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=41470700035501804444556011935029&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-26.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 4179
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 20 Apr 2022 05:03:37 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 52083
x-amz-cf-id: H6Xej2tRlpBVbf8-VjLuiZTd3inCOjizND4OLQmZj1VJ8mlyCS319A==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame E728 3 KB
3 KB 69ms
26ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=61624800024152404444978011935022&wglinkid=2513135
Requested by: Host: e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
URL: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:15 GMT
Last-Modified: Wed, 20 Apr 2022 06:13:15 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7A92 1 KB
1 KB 206ms
12ms Script
text/javascript 213.254.244.109
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=64&ttfrms=21&brid=3&brver=100.0.4896.75&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D6%3D%3E26%3D%3E2%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D6%3D%3E26%3D%3E2%5D4%40%3ETar9EEADTbpTauTau6bgg24376c%60gg_gfd62%6027bd562g43%60a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1650435195932755&jsCallback=dvCallback_1650435195932521&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2609&tgjsver=2609&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fe388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&sdf=2&dvp_epl=235&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.elmaelma.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grW8QvQeKn1msGNAZUxSi-&DVP_DBM_1=3060631&DVP_DBM_2=11927003&DVP_DBM_3=32488360&DVP_DBM_4=343500910&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=40424209140&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=25939121408.760426&dvp_tukv=40957730907.41509&dvp_uuid=54086778633.20968&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=705258300105
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2609.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.109 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: cf60b9e00bf3b0a8cb4c92267355e56b314cdbae692ca5911e3e0344de8b4730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:12:52 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 04/19/2022 06:13:16

GET
H2 200 697677707549585484
s0.2mdn.net/simgad/ Frame 81CC 85 KB
85 KB 127ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/697677707549585484

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=86.253;sz=160x600;u_sd=1;dc_adk=2086295856;ord=gbl7dk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.elmaelma.com%2F$0;xdt=1;crlt=f8ThgUORXR;stc=1;sttr=52;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425c6a2930c93e1ad8cb560e73a1e34e09c223c2146480a3fafdcb200a02b0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 06:32:08 GMT
x-content-type-options: nosniff
age: 430868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86916
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 06:32:08 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/xfa/ Frame 81CC 10 KB
4 KB 34ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 16:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4034
x-xss-protection: 0
server: cafe
etag: 4087262437388033801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 16:27:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/elements/html/ Frame 81CC 8 KB
3 KB 33ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 05:56:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81CC 119 KB
36 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:16 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81CC 0
575 B 162ms
70ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0pQB-HqyyABZC2Kj58nQcbn7ZHo792U9EBH4KrpP1oUv3IIPZd9UXR5w36viAOV7Spxk-u4r35drxwYbXjmbmMMsfGLZZE1oTYIHPeYtusD8uhq66QsF7gNYiONC9Zht23BjwiO5UH-YhvNd5iclTcw&sig=Cg0ArKJSzAI-yhRE1jinEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220418.53397&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 81CC 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 15:35:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 81CC 7 KB
5 KB 44ms
43ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

47f92fa8ca773bbc59fd7972db77a6068de49d2e5f731d6e651cfc96e2b5ded9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59D0 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 15:35:01 GMT
expires: Wed, 19 Apr 2023 15:35:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3EF 42 B
64 B 70ms
70ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0bzt77Nf6vmUN0H4Kvu_HkUGrS7pWHZyC3eo13I5DaEsyUQgqtMfdBX-L-lFnWErz2Slv8I5UmvMEbuipS_Pamw0qmxkGyb5bYd1_7OIanqrU97v2Kw&sai=AMfl-YQc8nK79PaeGuBDwS_je3Iy4zjmOrioLMYymzoe6bZHlJjMV8Vuxxz039bp2g8jkm-bfbCtfnQdnh41wa69u8_iJdK5C7YmPjhj1bl1507AsPtwRz5jD1HzfZTHCrE&sig=Cg0ArKJSzN7Z169GEFFAEAE&cid=CAQSPgCNIrLMznUm35nba0ehFEDf8gM4WkYgYkV0Z476fakPyOEUxmX-3b66lDFw28jIu4eeZJUhpPipgpX6mueIGAE&id=lidar2&mcvt=1000&p=1058,233,1312,533&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&app=0&itpl=20&adk=908445770&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435194726&rpt=339&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 59D0 35 KB
13 KB 35ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81CC 0
26 B 139ms
68ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 81CC 17 KB
6 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220418/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:16 GMT

GET
H2 200 esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/08/03/ 49 KB
50 KB 134ms
134ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/08/03/esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 093e2278461b0fb21422c9bc975851c93f9576617b884baedbbde5c2d88825c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/06/21/ 49 KB
49 KB 36ms
36ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/06/21/evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 930eea2034b19b94cde48c417bf19e8120f8801f4f8c87e387184922e2cbe37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 shabby-chic-ePQz_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2018/04/18/ 62 KB
63 KB 136ms
135ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2018/04/18/shabby-chic-ePQz_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 2ceb401bb097394c6e117b978bf1160494734c1379651a1bd0564a481f764bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/01/24/ 94 KB
95 KB 136ms
135ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/01/24/evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: a2fe2905133fc499120f86df8660f2c645efa57b208c435fce0df90bbbd45923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 kuymak-nasil-yapilir-IGV2_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2018/11/18/ 70 KB
71 KB 191ms
191ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2018/11/18/kuymak-nasil-yapilir-IGV2_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e7566ebf058cd7d4b60fe9884520feb8df02a003a5267e573a02675e11d3dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2019/02/15/ 38 KB
38 KB 191ms
190ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2019/02/15/cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: cc2a700ecf2220e0251d722869ba6cc22a6d8e0e414197b88cb417ae7528ad15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: EXPIRED

GET
H2 200 domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2019/10/28/ 41 KB
42 KB 20ms
20ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2019/10/28/domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 4752551fac2fc7f6e4ddf2939a09c62eb9dd25463b8451396e2ba99b4297178e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 62ms
62ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9f34c4946c39ed5159469dd83eafa11d6c3d45bf4a2c61cdb191cf6b6f688094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D0 0
22 B 68ms
68ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7DT4e6RfYvLCOYbPgAfqzZvQDgAAAAA4AeAEAg&bg=!0tGl0ZXNAAZvJBiFTyQ7ACkAdvg8WhMgAg7MkylmvaVTBlIVM062AvBuDkdn4voonUbjylncdYGKaQIAAABcUgAAAAFoAQeZAw7INAaQu-Zy5gSGUBdd4P-TABrMbcckMYODM-s1mc1dx4Io11MNypWJqOyNM_HGdmVLU2aiOjw1GboSVyjGotCFVf-TJgdEP8okyEXJz-zbuMEyxNbzjjuINfTlPrIJRHxmmxcGDiR_XZvM1Ao5UxbINjMlcHIvbS558qXt72T576InzZNF4Ti6Ckfy5rlhANr7u9uFt15B39woWH6oq20NaPXa8VSDe6U5SgyliTePHQ9oBcVoBgTAHazEv7FVzuP7Wo6WKEy4ag-FvTVY_kdeBdDDCzlzuGRw14FHpXBIxvNzVHPc7gc5odHRPZ0TelykbgGVxiHEIcdjyv3whmnA6UJc2UQRj_dXJmX3nt663CgoH_rKuRVjEtK4YwAsFIf2qWFeSuttc0rzLtibU54ofNjIJVxy1D1vIYYMb4BA2wiGDMiX98Tcg2ZDkJVgOrjV3vvUQsu-yiRKsv-d7uWykvvIxIKVHVGpRoV3oddM7v7S3T7Vxbz-mnc0In49Oaa4BKuok9V2dopnmczcsVLSTW4FgK5tx-xMJkecdnxg0NEhEJ9rhsE6zrya72ScfZx9w2plURRxKkskeoygyt5DAQM-e8usl7SQGEgX-MuLtXTSe-gTGA2cLAe5e-49hT7rVpNmiyprFdTuCJM4aIgRvZFNwtB7k67aeYJRUrFb58a44pHbYuGBADLXKiX5kYbxdSR4BHt3ZKfE-60CFTro18JGGfsC6JmftS8lCwZSKyIt521TfvD97WVT_A8TJzmtkNbcPUN0eOMxzBEQQn1niMVzINsW0N_4uQwLXs4J-Lglaak6c6loMG6Wllv6VecRP8kyypjC92NNBbQ-HL89eOSJ4u7mgRESFUnPAtqAJZ2aj0x7wtajTX4n0G-mLo3y-L5R3mr-A7TOG2ZVv4H7SrD-gs-_15bKk4y2nwzy0AoZF7_WuTRxF74uvZ79RbPJ4q49XrxhKiJORzuzBioKZEEsdJp7DX5Uzs5d-7HTW7wuSkYXKFUWxRASh8Ocj24LrfupPLW4E_42jT6Org

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C645 42 B
64 B 67ms
67ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQsHxCSAR_krJSYd1xQTsl5YwPO07hgY6D81z5s4BS-JFCYFyTY4UEAPq72bzC0-uS7UnWa94SqK7JDOEXXwDrWnHObpd0PiU8nQdhvZ_UYRqKBJuCFQ&sai=AMfl-YSUcJjXJdU0wqFFVnYlsehvmMaIwpxVUwMhu91ugLSp42_eikQ52fZzyvxKpy7Iyhw9Az3wfeqaTj2ixQitq30cuMDdoXS4f4Mx8ZisuG3Lbk6JLec-PzYijfF-qnc&sig=Cg0ArKJSzAKgbSS2nrjXEAE&id=lidar2&mcvt=1000&p=100,0,350,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3857186176&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435195026&rpt=240&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/06/21/ 49 KB
49 KB 19ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/06/21/evi-kolay-temizleme-yontemleri-8R3F_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 930eea2034b19b94cde48c417bf19e8120f8801f4f8c87e387184922e2cbe37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:16 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8603 35 KB
13 KB 33ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H2 200 domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2019/10/28/ 41 KB
42 KB 19ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2019/10/28/domtes-maskesi-nasil-yapilir-nwc4_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 4752551fac2fc7f6e4ddf2939a09c62eb9dd25463b8451396e2ba99b4297178e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73C4 13 KB
5 KB 43ms
43ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 21:23:26 GMT
expires: Wed, 19 Apr 2023 21:23:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 022B 783 B
535 B 51ms
50ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

994c7f9fad70b0eea97b6216d88c3740c4e09459f0f46b5dd92cbd6acc5c8da1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kv0r6tht5BAjKU8uNVaf0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elmaelma.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Kv0r6tht5BAjKU8uNVaf0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:16 GMT
expires: Wed, 20 Apr 2022 06:13:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 022B 0
0 81ms
81ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=1586909204109584&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2019/02/15/ 38 KB
38 KB 18ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2019/02/15/cocuklarin-dis-gicirdatmasi-neden-Jbds_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: cc2a700ecf2220e0251d722869ba6cc22a6d8e0e414197b88cb417ae7528ad15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 73C4 35 KB
13 KB 32ms
32ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 13:33:11 GMT

GET
H2 200 esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/08/03/ 49 KB
50 KB 19ms
18ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/08/03/esin-zehirlenmesi-belirtileri-neler-cEh8_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 093e2278461b0fb21422c9bc975851c93f9576617b884baedbbde5c2d88825c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 shabby-chic-ePQz_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2018/04/18/ 62 KB
63 KB 19ms
19ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2018/04/18/shabby-chic-ePQz_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: 2ceb401bb097394c6e117b978bf1160494734c1379651a1bd0564a481f764bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
i.elmaelma.com/2/470/265/storage/files/images/2019/01/24/ 94 KB
95 KB 27ms
27ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/470/265/storage/files/images/2019/01/24/evde-geometrik-desen-dekorasyonlari-819n_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: a2fe2905133fc499120f86df8660f2c645efa57b208c435fce0df90bbbd45923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H2 200 kuymak-nasil-yapilir-IGV2_cover.jpg
i.elmaelma.com/2/500/255/storage/files/images/2018/11/18/ 70 KB
71 KB 25ms
25ms Image
image/jpeg 195.142.105.14
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.elmaelma.com/2/500/255/storage/files/images/2018/11/18/kuymak-nasil-yapilir-IGV2_cover.jpg
Requested by: Host: s.elmaelma.com
URL: https://s.elmaelma.com/assets/web/js/app.3045a8fff8d961103bb67d75516a0416.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.14 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / Express
Resource Hash: e7566ebf058cd7d4b60fe9884520feb8df02a003a5267e573a02675e11d3dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
x-proudly-served-by: Bilgin Pro
x-rocket-node: edge01.lon.uk.eu.rocketcdn.com
server: nginx
x-rocket-mastercachestatus: HIT
x-powered-by: Express
app-name: node-picasso
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
expires: Fri, 20 May 2022 06:13:16 GMT
cache-control: max-age=2592000
x-lb-cache: MISS
x-rocket-cachestatus: HIT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E728 42 B
64 B 81ms
81ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQXCEQTFDb_839hMbCPZ5sT7hPgWfBCR9VFskZ5RvhKDPSdA432_wer3X6SaVwKCWV2t-RjIbOOiYKFVGLF1H3pe-WO5Jg1dwU8UOW&sai=AMfl-YT5MItYCKfjbDJ6lg0HzCMNMyPVbDS-p6wY5erXpx6Yx25Al43I7JC2rajwlfOTf4mNGMzrTdL4YGnMEjr9xhIyiW7dcunX9kFqKMiwX-EOjGrCruuXWfVauoYe9Q&sig=Cg0ArKJSzBsilyyw0FmCEAE&cid=CAASJuRoJOmG7bJ-0lawgCK2KQQaejnPirseOXp5SEsSTCQpYJTj6sVt&id=lidar2&mcvt=1085&p=370,20,970,180&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3604206393&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435195148&rpt=496&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E728 16 B
232 B 106ms
106ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Apr 2022 06:13:17 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 132ms
34ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 20 Apr 2022 06:13:16 GMT
server: nginx

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame 681E 0
150 B 42ms
18ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=41470700035501804444556011935029&a=b1a341cd&vb=v
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=41470700035501804444556011935029&a=f4471b75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:16 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 73C4 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-0zVww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A064 42 B
64 B 71ms
71ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7b758ocoXQq6g4KVRgnLdRoQLKye4i4V22VbzDwbA8DDjuMOIiCaC0xBpi2bEAOmkBdtYN46zE2zDw7tsOduKk3587JjN6DHDr4VgjE063C0fDluJ1A&sai=AMfl-YQMY-v1u0CXTIyFjbmjb5oRPho0OdYmfz6-N65oURmKgcT64uXzjPqH31Fiu8fykjMBb8Kuxa1s0WazNLZ1GRXNOZOpgSxu8l7dmqFkHOPnqmW7KWcmQ01Av62WW-WV&sig=Cg0ArKJSzMGKU82lrrYAEAE&cid=CAASKORo4TtuSKQIxlrYLkct60AsnkhIyJ-yXZqZ6i8c8QZsTHgh277lrpU&id=lidar2&mcvt=1002&p=370,1420,974,1580&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3153433976&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435195303&rpt=575&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81CC 42 B
64 B 65ms
65ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3nMbuuOFsOIaBygYwVXabh8D7fKZHGHKP3CZVBGoGFrMZQn6-8G0VUCetghTR_jrr5BryCdgg5K1qX0PCqMP0hWXNEcTG&sig=Cg0ArKJSzBd0qo9E3UXYEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=2086295856&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435195840&rpt=401&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
100ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=1586909204109584&bg=!YmGlYSXNAAZvJBiFTyQ7ACkAdvg8Wi_Uhl3BrW-ts9T-Cn2kdq4r8mmn6tvuNRnRfUIZtARb4zp6DAIAAACKUgAAAAFoAQeZAqS0p5MxoXmQbBe-kf8F4vCbz0ZN_3zzPoodhCxCq3bImV4Qr2PchLYcHUayvLDRg4GqY7vF-dgHcuOGRK756osp7dQ_agxnaJ7NsVrC16cO9ygE7d7qYm_6e0oX7ouOa3q8x8dmbLgdJZuM4mirHzngVzXGIno72gLOu1rOApBoqXuruUFw6h5pxfhJmlZVSHQ45irtlQmJU13E5DbcpPbrWc-5QAIl5PdwNk04L-cdOW0BA0Do-3Tg1WcTk_zXBvoDsO-bJry6CewAoyD2soiSasHyiV3Mw_wTuhurDEIANKhthUhZQXgLJhBtf-Kyvu7ipN5pSricU0nogRLsuS2K5XugIXM21s0-vRr6Nv1rgQJ1-r59TlE8vrdQsoVkkWZYlAISlNYNLbDweG2Gw65apPw1nd3-huDy7y3U6mTJBPLiWHfPGJ1m7-6sUxT6p1sJ1WjAhjZswPZmicDszh6yY1t2vGZQyJbZxdQgcRB_500xfotcyzXOFb6YjDcpp2aanJHZxH3KxirqhXEsVVmjJgRlAuCB6fgdXgYo3VLSxlljLrMwZVyOBBGqfJMb5uGfxg95FHMe3k60Itf8q_sQ4SrFLL1Dz_CIxIZV9-DVZRJLw6DRSg6tJ9fHYlsFPbdw7ttuyKwtwVaTw_WsIFQdPhS8NqUMgL9grGp5P57A6muPS3P3VLnZJuSfuRXBYST9WwRv3iVJqpn77BJxAh26Wd1QdtKDzkXT-dybXkqQH5zcwQpwccIgAoNzGT7UGBxknmzflYZuQ8X4fhD7peKpoK5zqgGP-ZTn9CAKiM-q7kypUagE1RRJnGUzEM0yZTOG8bOf0MPnmpHvJLyHNUt_K7MfCgVjrCcQuKcW2NReV7JNdMpFcGMObdAXdgFot-nw7b9U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elmaelma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame A064 0
319 B 53ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=8ac85beea90c4a009b1d4b60a3fa925a&nav_pltfrm=Linux%20x86_64&cbust=1650435197720228
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:17 GMT
Vary: Origin
Access-Control-Allow-Origin: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 04/19/2022 06:13:17

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 7A92 0
295 B 23ms
7ms Ping
text/plain 213.254.244.109
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a7689991f89648708b7406a3be37ad86&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=207&eoid=9&msrjs=2609&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=12&msltms=18&vltms=207&sei=289&vetms=5&engms=1&engisel=1&ttfurm=2232&cbust=1650435198144419
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2609.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.109 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
Pragma: no-cache
Date: Wed, 20 Apr 2022 06:12:51 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 04/19/2022 06:13:18

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 7A92 0
295 B 8ms
7ms Ping
text/plain 213.254.244.109
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a7689991f89648708b7406a3be37ad86&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=11&ismms=28&isumms=27&isvelg=1&nvr=6&isgmmims=28&isgmv4mims=28&elmtp=1&isbxdms=2328&b0=100&b11=2408&adhgt=600&adwdth=160&norwdth=160&norhgt=600&engisel=1&vsos=5&dvp_vsosnmr=16&lftb=2508&sftb=2508&msrdp=1&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=928&isuiabvms=928&isgmpims=128&isgmv4dpims=928&ispmxpms=928&engalms=27&dvp_dpr=1&cbust=1650435199143305
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2609.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.109 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:19 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 04/19/2022 06:13:19

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elmaelma.com/	1970-01-20 19:58:27	Name: _ga Value: GA1.2.1180536202.1650435194
.elmaelma.com/	1970-01-20 02:28:41	Name: _gid Value: GA1.2.1024319101.1650435194
.elmaelma.com/	1970-01-20 02:27:15	Name: _gat Value: 1
.elmaelma.com/	1970-01-20 11:12:51	Name: _ym_uid Value: 1650435194777626090
.elmaelma.com/	1970-01-20 11:12:51	Name: _ym_d Value: 1650435194
.mc.yandex.com/	1970-01-20 02:27:15	Name: sync_cookie_csrf Value: 2057504142fake
.elmaelma.com/	1970-01-20 02:28:27	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 02:27:15	Name: sync_cookie_csrf Value: 2957345414fake
.yandex.com/	1970-01-20 11:12:51	Name: yandexuid Value: 7179816321650435194
.yandex.com/	1970-01-20 11:12:51	Name: yuidss Value: 7179816321650435194
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1973233471650435194
.yandex.com/	1970-01-23 18:03:15	Name: i Value: PK5lFekNUgIjp1SpjKqLu6GOU6nmfm4nTmPob2H1bz90+k43C1JnQQn+T2vZtoYYgdGrKt+Vljs537Acw4/l8ZM3vac=
.yandex.com/	1970-01-20 11:12:51	Name: ymex Value: 1681971194.yrts.1650435194#1681971194.yrtsi.1650435194
.elmaelma.com/	1970-01-20 02:27:16	Name: _ym_visorc Value: w
.adfarm1.adition.com/	1970-01-20 04:36:51	Name: UserID1 Value: 7088565182400692675
.doubleclick.net/	1970-01-20 11:48:51	Name: IDE Value: AHWqTUmH2-xCKtHimU-rkdaly4PBoeKLVIL5CeKuYQVBV_5xkbqDwumVL9iavVdue44
.casalemedia.com/	1970-01-20 11:12:51	Name: CMID Value: Yl.kevdrwnUbK1bL3j0mCAAA
.casalemedia.com/	1970-01-20 04:36:51	Name: CMPS Value: 3268
.adnxs.com/	1970-01-20 04:36:51	Name: uuid2 Value: 5692683719627113177
.casalemedia.com/	1970-01-20 04:36:51	Name: CMPRO Value: 1186
.casalemedia.com/	1970-01-20 02:28:41	Name: CMST Value: Yl+kemJfpHsA
.casalemedia.com/	1970-01-20 11:12:51	Name: CMRUM3 Value: 2d625fa47b2760CAESEBWMQ-E95B_-hZZrzKmuftc
.adnxs.com/	1970-01-20 04:36:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IljnsuVu!]tbPl1M>e)ZlrFUfJ+tGXxpCFpmCVI*0uVCAaAaECaV4Yv=b>[81o<x!K!F3If)y3KL9D3I?+r<k.z?
.elmaelma.com/	1970-01-20 11:48:51	Name: __gads Value: ID=8de74e56a4836e61-229fab9d7ccd0027:T=1650435194:S=ALNI_MbzAt68dvGKfbrvlR1JzlymGNOang
.redintelligence.net/	1970-01-20 04:36:51	Name: 8lcfmzhxc8d6_uid Value: d58b8522537b947b
.doubleclick.net/	1970-01-20 02:27:18	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 02:30:07	Name: awpv22610 Value: 296283\|1650435195\|f722dcd0-c070-11ec-b2c9-2230dc32a976
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yjpxzbeng0cwzr2cpac4yeip
pb.media01.eu/	1970-01-20 19:59:53	Name: DTU Value: 7962DCA1417C2FAC8BB5D8BB39F7AD01
.office-partner.de/	1970-01-21 02:27:15	Name: source Value: {"webgains_webgains":{"timestamp":1650435195909,"clickCookie":false}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9614.6MRbofnnf6pDiwlRb12Uz6vw2yPw-Dl33vQAyvhUWalCE6EPTjiM_zZsrVHxYk_z7N_1tugiZ_UPDPO80P5vZQ%2C%2C.5ewMYQy1KdEJrZkpBILTm-iubAo%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-cdn.bilgin.pro
ad-server.eu
ad.bilgin.pro
ad.doubleclick.net
ad9.adfarm1.adition.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.doubleverify.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
e388acbfe41880875ea1af35dea8cb12.safeframe.googlesyndication.com
elmaelma.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900029.redintelligence.net
i.elmaelma.com
ib.adnxs.com
imagesrv.adition.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
pandg.tapad.com
partner.googleadservices.com
pb.media01.eu
pghub.io
pv.medialead.de
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.elmaelma.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.webgains.com
www.awin1.com
www.elmaelma.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.111.239.217
138.201.63.157
142.250.184.194
142.250.184.226
142.250.186.38
142.250.186.98
143.204.201.26
145.239.193.130
185.33.220.242
195.142.105.14
195.142.105.24
195.142.106.235
195.142.109.125
213.254.244.109
217.79.188.10
23.35.236.247
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c0a::9c
2a02:26f0:3500:58b::4469
2a02:6b8::1:119
2a0b:4d07:101::1
34.102.243.38
34.149.12.213
35.241.45.217
46.236.13.147
54.72.0.164
54.76.176.197
85.114.159.98
88.198.250.30
88.99.219.174
03aa0dde082c255531c198ee77556b42bbce69712bc45cecd85ad281e4aaa6ac
03ac4e2025fbf324db37efc7415bd90fffd2c09f60e4be109143c0bc185b98e4
093e2278461b0fb21422c9bc975851c93f9576617b884baedbbde5c2d88825c9
0a4960c9e214dd310a6f054ad4cca8c0245e4502fff5db7c5da402aae7ac0a83
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfd490798e0f2624a8dfcc9c2f3d24b4195790b36bd605fef09cedbc8e64551
0fb2a2ebd521fe700af476d8bd34faf2aa725a460a16f7a82e7f12ce63b0ee0d
10bfa52d7ff659168e4e833d9a897adf2fa9ec60767afae6e02a42b15575a16d
10eb1ef2b530ad966ffbe7cf23322ce5ea024ad2131093a61deb1e62ca3985fe
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128ade407c55a538ffb6d5af6de0cbef2fdef01fef8d16360240cf4697aebb81
14ca2ac196e3cf1c667b025d19beee491f7350c557d298be2b026352cc55364b
178c18dced013b982f3a9636ce96697f20d56d425ecd8df93733e2bf69c7cbc7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1917ed23359e091a72ea75e6a781db2a66ce6903d0c653d62232fd9c5df05ae4
194bb73b109a8ac138778148032bced8af939546119e0e69704cc49728a68bd5
1c9847d928c7b4266a3575c3620489ba7c49dfb44fbded6fc6c2850625d06539
1ded674e7eb84b505a2e5ef4ce05518ddcc427ca969c5bd7e848b164f1d9dd44
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e0f08fd429042ce735512cd591869310cf63adbbca8511521f58c1cb653bb3c
1eb8ee0043a412b0171b320e61aebf26e21d9731b910bd39477b26a686976a72
219dd1bb99c17954dfe29bdac5b9e04b9079ad03bc15217ac30a3da4e2be8975
21cda92988f0d5d1528552e91f81f6e825572fe78f8294a79c4d1f67a57fe605
22aa9b03b094c927a642a6b73adb4f6eac74a6910536983f917c79536d1ba7ce
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
27237ce50d795e35168b420d798cc3aa1280b69ecb6f7a37ba7bbb010e03d268
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2c6beaf8da49cb08065194281f79205e5af4a96b5fcafb1724534c5aaf0c4f0f
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2ceb401bb097394c6e117b978bf1160494734c1379651a1bd0564a481f764bcf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f02be6bfd578332a5335af0932b784bf9d86e0e43b21ca9c920d3bc2445da76
3037d6b64ce21ee3826e508de0c2c66e2d483f04247148e15d8df9496f27cfbd
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
34672c86118a6cec989d7edf6c5db3810d5617f283fd2e94ded1e7f3a993f808
34fef3b12c824d95dd145ecee83e4b263f553bdae4c9ccee5ba3277e72961851
369425d5374cfb9bc86275fbf5d1c2bc919725c5bca1f9b12e6d32dc8326be0b
38111da64fd8b8d94f4ffb3abacb633dd076c74e1ab4e32fcbc316b386f6f5c1
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3afe5b37e9693f3b2ffd375c86cddeb079d1251b0572d8a9347359168d040e85
3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630
3fc797cdc9fe8469e636d17bee7462dc76aaebb19ef4612d1d132d7167acbfca
425c6a2930c93e1ad8cb560e73a1e34e09c223c2146480a3fafdcb200a02b0e4
4752551fac2fc7f6e4ddf2939a09c62eb9dd25463b8451396e2ba99b4297178e
47f92fa8ca773bbc59fd7972db77a6068de49d2e5f731d6e651cfc96e2b5ded9
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e040abc8881449b2e354cdb341cbf7eaf455ca22af1b4c0458aa469adb1e5a4
4f3d5d94934d8ca9efc4714b0ac9d55bc5ac66be7441f091b79eebfcbf2c423a
4fcf21e29b1f485760a494f777776c007ecf328d3482b3e9ee288afbe60a0de0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513075c25dadcac18e3cd39bf9850c08d5bb8e87a2a5576d481d11ff5695c7f3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57298c72d7311e371369a9c309d3fa24bda9ec2db257a4567ddb3f5eb64c9951
59bff1c564285d81e448e167efb0a5760a263bb5c7fc040449f0e2f83fe680bb
5b6b31099a2a45f00233efad7aec86edb71231305df8ba4c0cc35e4c72c6667c
5bfb11cb8d72ded34d048679193ed674daeb3f046d4724b3afe374926e3c7872
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
5ce4a5ae6403640aafaf3b13fa0c2ed0fe80a2d06386038685195f7cdeb7f2b3
5e021f1c27a1e0cd8c0c5514101bc1db299f9d64af34d401bdbb2290d55cbcba
6072b4ce659888c19735ddfbd4814352315cfd37b6a26e9ba0f0bd53390404e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63680c57bea5fbfad5a4b9e3bff4450d41d8fd58c9cda9af9e6d96cf78e00691
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
68555ecbc377dc3060315a377ffc1ff7b7097e3cd9558f2de6ac5344f58d882c
686423324a5d0b5a38b1a8bd18bc43ea91bc1bb9ca7cd5833dabb73dc8e073f7
68f095452145b7375f0656b0530c905f47a6b401acc865d57fa78a03b43f480a
6a6bd6a1403f2f4330eb96f7f1cfb93d9eeb41f2ce808404e4e3f749ce68bca3
6dbefee9c7265e8dc7e98b8fb73e78c96527fc9ceacececb813eefab7ab8a5a5
6ebf524018d437220bab0ac5c2ac3ec328ae2e551069c2b4abb62a83a3e9be08
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
716cc749f6da9c8fb09ad2e9847e558f836ed0b26fd4bd4e2ca4dc4923f0b79e
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f
73908edc998f78ed24aafcc1605d0cce5580aa6efa725ab66ed2568e7e42bac4
74b3282e04442aa829b8049beb777383a41c169589156975fca2149e12616585
76681018115e98a14b1660f94a3160894203c574c4223211dd39ff2f4ee6412c
7702e019432c69fab9ddd631a39aa769521f7733d5b4659013c9b10512f5b459
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b79f94ed5e26d169ab62b0d9b681962530baf262805a753e2ecfa65be661e24
7ea7243716d2eb40734ad1879ed1eef4577e468408bce4886b7a197cf1eec2d6
7fd80ccb16ca60c8d2244078eee4477798e6251e0d773dc543e934c0b753cb56
804b801fcbc9f64eb77eabbd879c1ba056288700da3d47f14b6e9cb1d143289b
80bfafc2de8e93900f248bf0ed8223d814b8838c63da67d33ae19ad977ea1067
8290eab7f533c21a79f48f071122926dd05f06f596822c52e4ded95b1b84606e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84c7d49eca9a81d9880567011ca3fbc46b6afb34f821bc03fe614fbc3434e821
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863ff90e08af499fa43fcaa2a708566c31b0025327b2e38ae95b460f5f99167d
86e02ee45858d711e51c8d71f286f5ec40f083a19d21ceac6b754be88ad15c5b
87d2266d8c3c97f745993d5ccbd564303974fd1afd54fad845babc99c7ee1337
8971c018bd83da546df7495cdfe681c69fcfde0b523103c0dda255a0ca97e97d
89eb9498cf00caf0bf174ef3380a222cccd8d42f0abfa7b013d08c4b4cfe6471
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2f8457bb56a11b972b0707dd5f348840c8c72fe9c581f63f99bb7558af3ca6
8b4cf260d8dc0839fe4bfc09511e4774e91c721881191c2efe1689d64b8f4d60
8b993ca96610c8fd0d3fea7397e5b68dc0ce2e9753d5be3dd9f6e7cdec69682c
8da2484b2ff3cd7ffe4537fdea1ad27d3425d6aec39b9f9818292f532e78b7bf
9194551dde63946300d3ffbabf8be9e63e1e6b1c06dbd491430487f320c24daa
930eea2034b19b94cde48c417bf19e8120f8801f4f8c87e387184922e2cbe37a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
97d9659238233219d075c63788a25d353b5f23c685deb6a78016340e21d9728d
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
994c7f9fad70b0eea97b6216d88c3740c4e09459f0f46b5dd92cbd6acc5c8da1
9d20263638e46c47e2751e0414eb813e85a4992d3f2589410e70fc8abb5f5a3f
9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512
9eecabfbdebddc882011fec3e5da17d7d81b355d05c649ecb64e61b53cdf8666
9f34c4946c39ed5159469dd83eafa11d6c3d45bf4a2c61cdb191cf6b6f688094
9fadf00f2dfad3c14e5973e9981dd926422180dbef36161fed90ef5982d16416
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2
a260efae34c6f756af91d53b1099e059a49ae31d62f9638df78fd62b86dc8c10
a2fe2905133fc499120f86df8660f2c645efa57b208c435fce0df90bbbd45923
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60f3ec98e8e7b825d2064021c9ac2daafe8f3edd61070401579fa414e4493be
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
ab19951257cf50b89529dbcefce5af7c2ddcc1daaaffe38316d3372be33f718b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd7f32d5229331fceb52728d39f9bf76cd799515e6d004aaf67938a6f984306
ade0f15978b054bd4dbedad1dc010c1da67556b9fb91bc552e3d4d75b41ae658
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee11cb9c2a4e0a7af85fa457482027525c01eb057b07e603f1987a851bc3d64
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24c4f439666f521a8d1597c6b6c7b9c5f0855680bd7d58f09fa146e494834a5
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b88b9f1a80ea588d9da0172ed2684b674e7c2ae08507259ea7b41b80ea071c1b
baddcdc592bec87ecd21e905ad45c2f0384debbc9480fbbd7a76b46dc346324e
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be87962252c963d22162edf217c236155e21ef1fd1e2e3acf761cd5f040d6da8
becfe54a92dcdab6b0dfb3b7db070d3f10e66732ed62a5ec2840ae3edd8c4b38
bf44bb2e4a68bc3d36bc60f92c9f0e0e719fb6f1f43f6ca7fc8c16fce2253b1f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c6c9fcecd68fea070f9a3866b11bcb5616e85f86e3f4a5749a3fd967cd2fa22f
c76fbbc1866517cac79cea6cfdd2090958cd6cbfad01a64b5b4b38b018036d7a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cc2a700ecf2220e0251d722869ba6cc22a6d8e0e414197b88cb417ae7528ad15
cc93509300e319702d67a64996ed2504b01dc0b89c66225dbb67f08e39bf2f64
cf60b9e00bf3b0a8cb4c92267355e56b314cdbae692ca5911e3e0344de8b4730
d4e12e1b21babbc97599c9bcdfc242374396f15666715038a17fcd2056f878f3
d51b39ddb3caa38fba66445371b421635285ba4a2788ac91a3287711ac58d908
d5a51eb772589ecd0b726a4c111a17140110194c21859e1ee4becfb439db9cec
d5d1816df01957dc870c3d99d8713531cf14eb6be803b9698c0130fb87da13df
d86a06d6a47b594068c80889d2ff66ee3623d1db21f9fbe0655ac19fa6285c33
da87dd5d2019fbcc3c241eed991710d8ca5f9600e91512fa232ee32b05a33d2d
dbc5370d2955197ecbf996f6b4ee3b2cf2111e06e538795d5dfa53a6a50d107d
dd2ba09ffbedc1bac695601758ca3c95cf68fb5a90f9e4596651938f4fd9602f
de3f3898168160297416b58048ed0a3a399ad59675aff3a0bfc362036d164f24
df6079cde1a55be2c7d4aaf0a55d29acc6ef289bb331b26580d3e9a2385b29f5
e0803041184b115ebea7624d83ec901d22302e0ddc36a25beaad195532cc44af
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e26e78d14a1f6e76420078d87b8a5d0b08fb9d08dfcbedd8868f057cbf8f879a
e399438f3531f6da51f8e4413c6c17bdd4fe6d604bdce158139bfdf53f0b5352
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e669a4fb990bb1d2091ea90ff0c5a38e45be731b5ca32f5a55fcb74422d6faca
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e7566ebf058cd7d4b60fe9884520feb8df02a003a5267e573a02675e11d3dd34
e79a1aca2bb28101b80afa699406e693890ffc8b89b370d918bb5f58828eaa0c
e7f96d9a81e506190b18b380959c64676b9fe12f8558ee1dc9845bd1eb4b08c9
e818950d539dd9963c6f6f6b060163ebc0696b4e7f2c81f665b3170d71846d08
e857fdca2a47e485f2202610b21bc1ac7ed1e4fd1d6c5db4fa79ebcbc3cce7ca
e948e7b4658ace30435360d88a604daadce866c5038ee5f2f3bed099069dc503
eb99c09ba04abd753cb6f158d57b9290247fe2aeb5339e3e63ce7b13e1550965
ebcba80a7cd453e1b38a3d00192b5e4f91ed91a028bf8ce70bb14ad391f18944
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0649a4b0d1dcca5568f20434ffaba4d6361deb6e2a0ca99bcd9e3e7597272d9
f123517614a23c259dc5dc7380004021b48f08b06a942570d7fc1dfc44a5b67e
f1581c749f2c004552377fb196490e495aa5da04a1513430c75d0ea0a3367d2f
f1e68916f94a7c4d63f13173e139a8a500ebd58c1ebbe85f4dcc2e664c91f05f
f2564b7acf0601f61c5564bf89065864028ad1a49e03b295d552a55fd72656c9
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f3be4c157abf98d150c570328cd7482f2cb603ed760a2c5dbcfcd49379c58417
f4bc9245dcd96e92ee26645a75ae0c5591822c618dac0f3972948bac135cd295
f4c2d1d185295d83ccfb08513e2e8965be79b56b140043214679ac833fc44cd1
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f8dbb6ce75623f0ad406fde606d85b94e9e372430a862531ef17cb1f4eb04e02
fb3bac0c52ef162a704a0a74cd9e37e311103005124030c5bc4d219ce520aec2
feb097fa48c73120eeced80f7b1178786f4fa81f7658b75b992d66e4f5a7ea69

www.elmaelma.com Open in urlscan Pro 195.142.106.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

94 %HTTPS

46 %IPv6

29 Domains

54 Subdomains

46 IPs

10 Countries

3920 kBTransfer

7488 kBSize

31 Cookies

3 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elmaelma.com Open in urlscan Pro
195.142.106.235 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

94 %
HTTPS

46 %
IPv6

29
Domains

54
Subdomains

46
IPs

10
Countries

3920 kB
Transfer

7488 kB
Size

31
Cookies

273 HTTP transactions
4 data transactions