www.klickaud.co Open in urlscan Pro
2606:4700:3030::6815:279d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.klickaud.co/download.php
Submission: On October 16 via manual (October 16th 2021, 1:01:22 pm UTC) from GB — Scanned from DE

Summary HTTP 138 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 19 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3030::6815:279d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.klickaud.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time www.klickaud.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3030::6815:279d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
25	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
16	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6 8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
14	213.254.244.21 213.254.244.21	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
138	29

9 2606:4700:3030::6815:279d (United States)

ASN13335 (CLOUDFLARENET, US)

www.klickaud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (Mountain View, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.37 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 213.254.244.21 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20512.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20240.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20225.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20241.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20223.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com tpc.googlesyndication.com	349 KB
30	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20512.doubleverify.com tps20518.doubleverify.com tps.doubleverify.com tps20240.doubleverify.com tps20225.doubleverify.com tps20241.doubleverify.com tps20223.doubleverify.com	435 KB
24	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	241 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com	9 KB
9	klickaud.co www.klickaud.co	106 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
6	googletagservices.com www.googletagservices.com	115 KB
4	google-analytics.com www.google-analytics.com	39 KB
3	google.com adservice.google.com www.google.com	2 KB
2	2mdn.net s0.2mdn.net	140 KB
2	facebook.com www.facebook.com	313 B
2	gstatic.com fonts.gstatic.com	32 KB
2	facebook.net connect.facebook.net	78 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	39 KB
1	moatads.com z.moatads.com	1 KB
1	google.de adservice.google.de	853 B
1	googletagmanager.com www.googletagmanager.com	38 KB
138	19

	Domain	Requested by
24	pagead2.googlesyndication.com	www.klickaud.co pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
14	cdn.doubleverify.com	1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com cdn.doubleverify.com www.klickaud.co ad.doubleclick.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	www.klickaud.co	www.klickaud.co
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com www.klickaud.co
4	tps.doubleverify.com	cdn.doubleverify.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	www.google-analytics.com	www.klickaud.co www.google-analytics.com www.googletagmanager.com
4	securepubads.g.doubleclick.net	www.klickaud.co securepubads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	www.klickaud.co s7.addthis.com
3	1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s0.2mdn.net	1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	tps20518.doubleverify.com	cdn.doubleverify.com
2	tps20512.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
2	www.google.com	tpc.googlesyndication.com 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.klickaud.co connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.klickaud.co maxcdn.bootstrapcdn.com
1	tps20223.doubleverify.com	cdn.doubleverify.com
1	tps20241.doubleverify.com	cdn.doubleverify.com
1	tps20225.doubleverify.com	cdn.doubleverify.com
1	tps20240.doubleverify.com	cdn.doubleverify.com
1	m.addthis.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.klickaud.co
1	ajax.googleapis.com	www.klickaud.co
1	fonts.googleapis.com	www.klickaud.co
138	39

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
www.paypal.me
www.forhub.io
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.klickaud.co/download.php
Frame ID: 404AA1EB4CFB68971D6AB956D252F84C
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 91C9E41F863E6FD0F11B96C91E56FB7A
Requests: 1 HTTP requests in this frame

Frame: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E72861400BC889920C0C25D1F2FBFC8B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/comments.php?app_id=2048611405365427&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30326d31f9cdac%26domain%3Dwww.klickaud.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.klickaud.co%252Ff14fafbd4eb33b%26relation%3Dparent.parent&container_width=1283&height=100&href=https%3A%2F%2Fwww.klickaud.com%2F&locale=en_GB&numposts=10&sdk=joey&version=v3.3&width=600
Frame ID: 5FAB3C15DB2576868C419E91BFAF42CD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 70D04011BBBF5F2BFF4F803447E9602B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D0F3F1850232935E16126DF3CCF55449
Requests: 1 HTTP requests in this frame

Frame: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D62A7552DA8487B53BA893CA4BEABC8A
Requests: 26 HTTP requests in this frame

Frame: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACBF42553F073F09C2E39754BF6D6DE7
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 012C1AC149586FA8FB1F91BB41F69A90
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F50035885530402E98575FC81EAFCAD1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo
Frame ID: 1B6737128238684BFFEC1C5AA7345F33
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A
Frame ID: 017FAB6751D01A03FE6562DF134552E7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A63CC7DA926AE8863D14C45BC62ABFC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 563268378B6E9022FC0028EE6EE82576
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 8B97E531E452E30B32430A10A2774693
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 15D23782F7C3753C6AF660934A3FFD43
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 7DE903F233AC8842BE04D427B04EE196
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: E591FAB9C11293E1C2015DD1C00A885C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38BB9E96CC69FA4B925B776D7F35990A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9C4F64ADD43D6DD34DE5A6898DD0F875
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: A8839598620BF87EF1FC9C22A889A575
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: E3DC83ED2A0A977840D767BE457FC0F5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: C0FFB0C45B90733333C39916C358DEFD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 34E1F43467AE288DAF7A8B178860107C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download It !!FacebookTwitterPrintEmailAddThis

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

68 %
IPv6

19
Domains

39
Subdomains

29
IPs

3
Countries

1869 kB
Transfer

5796 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=PbMUh-tGfQA&feature=youtu.be
Title: 📹 Video Tutor

Search URL Search Domain Scan URL

URL: https://www.facebook.com/klickaud/
Title: ⛹ About Us

Search URL Search Domain Scan URL

URL: https://www.paypal.me/NarenDhiran/10GBP
Title: Donate Us

Search URL Search Domain Scan URL

URL: https://www.forhub.io/facebook/en
Title: Facebook Video Downloader

Search URL Search Domain Scan URL

URL: https://www.forhub.io/dailymotion/en
Title: Dailymotion Downloader

Search URL Search Domain Scan URL

URL: https://www.forhub.io/tumblr/en
Title: Tumblr Video Downloader

Search URL Search Domain Scan URL

URL: https://www.forhub.io/instagram/en
Title: Instagram Video Downloader

Search URL Search Domain Scan URL

URL: https://www.forhub.io/vimeo/en
Title: vimeo Video Downloader

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWrNHtwavieIEXgWCH6wowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

Request Chain 74

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk2NzM2MDU5OTU2OTA1MDgzMQ%3D%3D

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1

Request Chain 76

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWrNHtwavieIEXgWCH6wowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

Request Chain 78

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkzNzM2Njc1NTg5NDE2ODYyMA%3D%3D

138 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request download.php Show response
www.klickaud.co/ 20 KB
7 KB 178ms
136ms Document
text/html 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/download.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9616ba1911e386441349e730a3d81a38b7650715145c5e643c55c96796a79bb9

Request headers

:method: GET
:authority: www.klickaud.co
:scheme: https
:path: /download.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsYKToZ55AOiWDMRDrlZcZfqOUFZkJQgEUZLI8%2FuIu8%2BhOAoidxz22sMBrSByVmnCQ4kG4%2Fa6%2BXxyZSy%2FMDeSYhmOUYXlB982ywus5ftR0G1CYRwJHH0Su%2BJdnWtA9JAeBDTpjFXihX%2FKc3ok%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69f17992dfc1c2db-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1pJWtVB5Fmt3wqBiu_zKiUiI3X0.js Show response
www.klickaud.co/cdn-cgi/apps/head/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/cdn-cgi/apps/head/1pJWtVB5Fmt3wqBiu_zKiUiI3X0.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2825ffde10f74147d2a6336b5f35814844170240ece60ed9db6a547af4694c63

Request headers

:path: /cdn-cgi/apps/head/1pJWtVB5Fmt3wqBiu_zKiUiI3X0.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788590
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 72QN0CA1YW2ATDKG
x-amz-id-2: oOLiMUkURhXDMwFOeT1pGhfD9RvDUDNNfr1j/6J+3BpZQ70+4lXTjK3AJ+QejFgaQ6iJ6KbtL1g=
last-modified: Tue, 18 Feb 2020 08:16:37 GMT
server: cloudflare
etag: W/"0ff50f3320bc97b6b3e3624d93b27013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBjcyM8u9bOOcMTijhYPYesv5hZ1CjV7RMzPK2et3pS3eg2y0gPBi02kjFdqZSXQ0hQoliAXabnrS0QMqB4n6Jq%2B6nKFRkMnZx%2FLIM0kBVuepdDbyz4i9cXx6UxYI9iwjAYZ73aLjiTe5jU9Qp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: vKDe3bI98fMsmmpP69zR3T35FAkyC6Cx
cf-ray: 69f17993c8e7c2db-FRA

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 46ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/download.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 4620494
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 203451c6c050184245ebe231729b4b5c
cf-ray: 69f17993fe25d6e9-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.css
www.klickaud.co/css/css/ 49 KB
9 KB 17ms
16ms Stylesheet
text/css 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/css/css/main.css
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322054fe1a260eedec6ce01e6389c9d8c5c64d0af641574030bca03a78a3b037

Request headers

:path: /css/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5543
cf-polished: origSize=50458
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 13 Jun 2019 19:01:28 GMT
server: cloudflare
etag: W/"c51a-58b39283c7200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GyJvl%2F%2BJi5l2obmodwE0YCGQmsEcHu%2FztvplTL7kRTraFdjq%2BIUoxagFvXAhO2gf%2BG84v87bObzjtmIIqIaA6K%2B3pUnumXWxGp7mcc4ny8%2FBKla82BNWspyxgeGyZRDJYjBaR3dNMUXXX6NX2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2073600
cf-ray: 69f17993c8e8c2db-FRA
cf-bgj: minify

GET
H2 200 font.css
www.klickaud.co/css/css/ 30 KB
7 KB 18ms
18ms Stylesheet
text/css 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/css/css/font.css
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

:path: /css/css/font.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 575
cf-polished: origSize=30999
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 13 Jun 2019 19:01:28 GMT
server: cloudflare
etag: W/"7917-58b39283c7200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8NjzADxa241wQ9KPRE7ONhPSkFR5sHqptXmKejQjhkM64XDhCqjsE8cwtsa0SItFk1XpMiEmLaMZiSeumsB1u6Z5a1bu6eZwO3d9aBI546QdWLPobHFkzJuWzoewAzK9r88yoyttoPkFmbP7N4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2073600
cf-ray: 69f17993c8e9c2db-FRA
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/download.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 10:17:24 GMT
server: cloudflare
etag: W/"6166b234-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZqfJGYwwVFh8KvDoLNES90xexPldB9MvG%2Bn%2BZ74dzuasrwk%2Fil%2F%2F%2FkajfxN7ZFPoXey47dBTeROmhDGlb9L7Te5GKlfAL9tEN9NwWAbyB8wImoDIOqAqAvlwm2oyPh3%2B0WllVwRvHktpoiDX6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69f17993e905c2db-FRA
vary: Accept-Encoding
expires: Mon, 18 Oct 2021 13:01:16 GMT

GET
H2 200 PQVBlXXHxPt7WG25K6shNmuOjQU.js Show response
www.klickaud.co/cdn-cgi/apps/body/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/cdn-cgi/apps/body/PQVBlXXHxPt7WG25K6shNmuOjQU.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/apps/head/1pJWtVB5Fmt3wqBiu_zKiUiI3X0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 672989952775c111aa31ea7fd4585aed4290ba850d6426cc0079779002efc88d

Request headers

:path: /cdn-cgi/apps/body/PQVBlXXHxPt7WG25K6shNmuOjQU.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: YKK1YTGQPK81A2V6
x-amz-id-2: qyXEF762Mvu7l2iWW/ltPMjNlFNuCAyLzlK9yw3thuEcBoqOZJn+GH7XtvkCcrp70hK4oW8ZLyo=
last-modified: Tue, 18 Feb 2020 08:16:36 GMT
server: cloudflare
etag: W/"e8e3bb7e20090745841899a05facde27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHvKm5InTSeKZbRDXF5IY6zW%2Fwj%2FxMCsLutDBUoFg12%2BuXj5r9A21yP23CD4Jli2q5BDPLHRNJKyuM3DKw%2BoUuRnmEur19YKnht9J79AXcKY%2Fd2eUg5KQM%2BvbSEdkt3pRQm%2FP1lOdaLVnEZKE8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mg9O3gYyrXV_fLlVzUj.wv4tldXHAcHc
cf-ray: 69f17993e906c2db-FRA

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cfc5ad34e89b6eebddcd5ec715c224a86c99ea5b9fad999407dee7e32f681b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 9 KB
2 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300italic,400,400italic

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/css/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30e5c373efe945deedc8bd69874fd89c4e165f7ddd8eeb04935421dec2743d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Oct 2021 13:01:16 GMT
server: ESF
date: Sat, 16 Oct 2021 13:01:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H2 200 main.js Show response
www.klickaud.co/katest/ 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/katest/main.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9214ceb91aaa1b5f2d5e7bc446cb0d0dd291137ece1003d491650591b934e6

Request headers

:path: /katest/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1661
cf-polished: origSize=6426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Jul 2019 20:10:37 GMT
server: cloudflare
etag: W/"191a-58ccc745ca940-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alxdii3QdQ5l1F2Ei4O%2BLRcxBIH3MO95ItaPVxwUu8QcIRYMbikp8PbTy5VViucwP1ZbzJLNsRgQ%2BAd6dmizGx9hbNb125r4%2FFG0%2BD5aGwKZuXR%2F%2B3UuX6iUQZxtNoazdn6eHdfZjJEH0DfzTFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2073600
cf-ray: 69f17994091dc2db-FRA
cf-bgj: minify

GET
H2 200 blob.js Show response
www.klickaud.co/js/ 3 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/js/blob.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7e51d86c44617f1846ad7546e58e0a4de07719b0f700b4f36e6f15bc52a60f

Request headers

:path: /js/blob.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.klickaud.co
referer: https://www.klickaud.co/download.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/download.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1661
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 01 Mar 2020 19:04:07 GMT
server: cloudflare
etag: W/"a90-59fcfbc22d7c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4k%2BE5gxBpBWnNg1nq9N%2FgO9i4SVWzPatL2wHuOIYgPxXPzMrRGZb6LQQKkczMYNJU8vBO%2Bu%2B5M0hoJA1HGWctgDoG67USBEuvP1QznBqY6Aub%2BjgBcO8s1nFlFcVwgzXrfYIKmPzsqNkFqQFFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2073600
cf-ray: 69f17994091ec2db-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 14 Oct 2022 19:57:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1c63b2390a778301c86e062d0ce44ae3f0fd1b5dac69dfebabad8dc0ce3794c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.klickaud.co/
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Canxjk0XHDji65+K2hoXtQ==
cross-origin-resource-policy: cross-origin
expires: Sat, 16 Oct 2021 13:15:17 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 3/H74u7xoKXJlNPk7LpqRCACAYLDMMlyuY6COnw0RYPgs8Gxfkt/D5o5HUvv+Td3fENZ7R9uiXGH8pz8YPEusA==
x-fb-trip-id: 686109401
x-fb-content-md5: 8b8369ec3931a8745569528afcab95cd
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 16 Oct 2021 13:01:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d6d005e90cec029443d96643d4d93d49"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 72ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb8594a99805871c0a06c8d6e6ddcd4bf572c130efa974a5eb00c53a49f3e219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51463
x-xss-protection: 0
server: cafe
etag: 3994058319038962499
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 51ms
25ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

1446117421d0dc83416d691e8fcac45a3559260c94648ef030968e051ffa13e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 290 of 1000 / last-modified: 1634335653"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27178
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 53ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158609757-1

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23caea367097876f7f254c5953f3d31fd0ab4daf4c8392dd3cb69d09e8534d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38559
x-xss-protection: 0
last-modified: Sat, 16 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/download.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 859
date: Sat, 16 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 16 Oct 2021 14:46:57 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300italic,400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 524686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 11:16:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300italic,400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:53 GMT
x-content-type-options: nosniff
age: 524663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 11:16:53 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 38ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 2887652
cdn-proxyver: 1.0
cdn-cachedat: 08/03/2021 23:23:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6436293b80ea814f4acc295e6873845c
accept-ranges: bytes
cf-ray: 69f179946cd17057-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fontawesome-webfont.woff2
www.klickaud.co/css/fonts/ 70 KB
71 KB 21ms
21ms Font
font/woff2 2606:4700:3030::6815:279d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klickaud.co/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/css/css/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:279d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path: /css/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://www.klickaud.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.klickaud.co
referer: https://www.klickaud.co/css/css/font.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.klickaud.co/css/css/font.css
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71896
last-modified: Thu, 13 Jun 2019 19:01:26 GMT
server: cloudflare
etag: "118d8-58b39281ded80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOelTJQLuY35Kn5Zf0udDYCGKaYPVT8xyVFJw0NPf9%2BEDNopYEUhzEeCs3UJk5Az5k9Z3fa1GCYhAXZM2EEFtgHa1dP3BPIbnTjGTtk3qd39Y3C3ii5R52ds1hcGbHv528ylsSR4vW%2B%2FmF2ElN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 69f179945959c2db-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 265 KB
75 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=dbd446df79f08117ec81fcf3eefe4d46

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7cec6db5e8a6fa3a10f1a3376ccc84dbaa2a8ca7fb1edb67fa7c74abd4437fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.klickaud.co/
Origin: https://www.klickaud.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iQbEB3F7rZ45YZ+xkyjiyg==
cross-origin-resource-policy: cross-origin
expires: Sun, 16 Oct 2022 12:49:16 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76547
x-fb-rlafr: 0
x-fb-debug: xQ5Ugzy9ezzwOB2+hxHsy/wcynGVEpNZi8s0WVjj7SdK1LvtNjQRrI86gKU/1mxTK2rKJDlyruiaXvW+BhddYg==
x-fb-trip-id: 686109401
x-fb-content-md5: 53a33c8ef28b4dd403d63d5c70bc3338
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 16 Oct 2021 13:01:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f07ddd4e61f24eb9b8a16abcaad69c3f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021101301.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 31ms
30ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124741
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 08:34:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 120 B
122 B 44ms
17ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.klickaud.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f9b0d10db598c80afa2f4909daaf3d7ef0a7b99e5a2b40304996f28e3329abab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Sat, 16 Oct 2021 13:01:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 17ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=945862356&t=pageview&_s=1&dl=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php&ul=en-us&de=UTF-8&dt=Download%20It%20!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1389235820&gjid=1692684316&cid=8832840.1634389277&tid=UA-91892019-1&_gid=1385094485.1634389277&_r=1&_slc=1&z=759910506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.klickaud.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.klickaud.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/ 272 KB
98 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5176352762537070&plah=www.klickaud.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b20c447b3d7f66aa1c71305e4a91983b14e3174c651ec6460e73a79e58a3bb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99860
x-xss-protection: 0
server: cafe
etag: 5832577822734846258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 13:01:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 91C9 10 KB
5 KB 37ms
8ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 15 Oct 2021 21:27:24 GMT
expires: Fri, 29 Oct 2021 21:27:24 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 56033
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 16ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=945862356&t=pageview&_s=1&dl=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php&ul=en-us&de=UTF-8&dt=Download%20It%20!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1725583277&gjid=1655732826&cid=8832840.1634389277&tid=UA-158609757-1&_gid=1385094485.1634389277&_r=1&gtm=2ouad0&z=219317467

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.klickaud.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.klickaud.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158609757-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 859
date: Sat, 16 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 16 Oct 2021 14:46:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2048611405365427&ev=fb_page_view&dl=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php&rl=&if=false&ts=1634389277010&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 16 Oct 2021 13:01:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
410 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-91892019-1&cid=8832840.1634389277&jid=1389235820&gjid=1692684316&_gid=1385094485.1634389277&_u=IEBAAEAAAAAAAC~&z=2012973699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.klickaud.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 16 Oct 2021 13:01:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.klickaud.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.klickaud.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 42ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.klickaud.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
14 KB 904ms
904ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322758313350626&correlator=2855310414564716&output=ldjh&impl=fifs&eid=31062393%2C31063136%2C31063192%2C31062525&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=21831463928%2C1001%2C003&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1634389277&dt=1634389277057&dlt=1634389276749&idt=287&frm=20&biw=1600&bih=1200&oid=2&adxs=292%2C292&adys=405%2C220&adks=1036946713%2C1734021626&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C728x90&msz=728x-1%7C728x-1&ga_vid=8832840.1634389277&ga_sid=1634389277&ga_hid=945862356&ga_fc=false&fws=4%2C4&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

efc9f5d7b5d8c788cd53b918e8a543bdb9fbf2eac1cef6d9c26e380ea79d1738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14750
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.klickaud.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E728 6 KB
4 KB 88ms
34ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 16 Oct 2021 13:01:17 GMT
expires: Sun, 16 Oct 2022 13:01:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 74ms
23ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/cdn-cgi/apps/body/PQVBlXXHxPt7WG25K6shNmuOjQU.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 16 Oct 2021 13:01:17 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 comments.php
www.facebook.com/v3.3/plugins/ Frame 5FAB 0
0 37ms
37ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.3/plugins/comments.php?app_id=2048611405365427&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30326d31f9cdac%26domain%3Dwww.klickaud.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.klickaud.co%252Ff14fafbd4eb33b%26relation%3Dparent.parent&container_width=1283&height=100&href=https%3A%2F%2Fwww.klickaud.com%2F&locale=en_GB&numposts=10&sdk=joey&version=v3.3&width=600

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=dbd446df79f08117ec81fcf3eefe4d46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self';img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.3/plugins/comments.php?app_id=2048611405365427&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30326d31f9cdac%26domain%3Dwww.klickaud.co%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.klickaud.co%252Ff14fafbd4eb33b%26relation%3Dparent.parent&container_width=1283&height=100&href=https%3A%2F%2Fwww.klickaud.com%2F&locale=en_GB&numposts=10&sdk=joey&version=v3.3&width=600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: JO3R+29aoHp+MxPldxNDUkZwEGEOY161DiqTnXvf79rkX8tELD1LaxzgOHcVwrJvw9pKzUYqw7Sbdqa1h+OVGg==
content-length: 0
date: Sat, 16 Oct 2021 13:01:17 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 44ms
11ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50773
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 26ms
26ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 16 Oct 2021 13:01:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 156ms
142ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=616acd1da2e2fdd4&bkl=0&bl=1&pdt=500&sid=616acd1da2e2fdd4&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.klickaud.co&fp=download.php&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1634389277252&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22CloudFlare%22%2C%22plugin_name%22%3A%22addthis-cloudflare-plugin%22%2C%22plugin_version%22%3A%221.0.0%22%2C%22plugin_mode%22%3A%22CloudFlare%22%7D&jsl=129&uvs=616acd1d9dbe32d7000&skipb=1&callback=addthis.cbs.jsonp__57238715991882280
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d892c67c0db10013885dffa8d74bcd224223199867818e9a685b6285f0550a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:17 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 70D0 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame D0F3 71 KB
26 KB 22ms
22ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 16 Oct 2021 13:01:17 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
264 B 44ms
29ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.klickaud.co/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.klickaud.co/download.php
last-modified: Sat, 16 Oct 2021 12:00:00 GMT
server: nginx/1.15.8
date: Sat, 16 Oct 2021 13:01:17 GMT
content-type: application/json
access-control-allow-origin: https://www.klickaud.co
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
294 B 221ms
205ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.klickaud.co%2Fdownload.php&callback=_ate.cbs.rcb_2lj70

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5a2e453fec80991c9eeab7fabd708f1f3f0edc7912f2c9b2c6a600d72a07b8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.klickaud.co/download.php
last-modified: Sat, 16 Oct 2021 13:01:17 GMT
server: nginx/1.15.8
date: Sat, 16 Oct 2021 13:01:17 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
294 B 220ms
205ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.klickaud.co%2Fdownload.php&callback=_ate.cbs.rcb_21lk0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

9cc2df4ba9c9ee983acc87d860415eb14541c442ed1b961f14aa9b04befc00b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.klickaud.co/download.php
last-modified: Sat, 16 Oct 2021 13:01:17 GMT
server: nginx/1.15.8
date: Sat, 16 Oct 2021 13:01:17 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D62A 6 KB
3 KB 309ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 16 Oct 2021 13:01:17 GMT
expires: Sun, 16 Oct 2022 13:01:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACBF 6 KB
3 KB 307ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 16 Oct 2021 13:01:17 GMT
expires: Sun, 16 Oct 2022 13:01:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 73ms
35ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87ffc8e4f1ee66861446d1039472d783f3fc0b85f28e9ee893359a04836c7bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8612
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 012C 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 16 Oct 2021 11:48:50 GMT
expires: Sun, 16 Oct 2022 11:48:50 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F500 783 B
1 KB 43ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbe98095c92ccebbb035eb2107a27e62b9c56b713d1dc7f845753be00390e058

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tx7Zh3TWJ6AQsw/LV2ldqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.klickaud.co/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 16 Oct 2021 13:01:18 GMT
date: Sat, 16 Oct 2021 13:01:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tx7Zh3TWJ6AQsw/LV2ldqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 012C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:44:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:44:01 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F500 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=322758313350626&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1B67 624 B
592 B 20ms
19ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 16 Oct 2021 13:01:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmO_4UtqbGzgWmUgwHYE5bkN63HEOzK2dV5hBPh2EDQn4naAFzNodXTE0IS; expires=Thu, 10-Nov-2022 13:01:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D62A 25 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQO9LLrtC_lnX8qYM8oF-tFjN7EZMN9vtBa6leDOV5BknXDpHW5m6rVlf8QO6XMh2R0x8AgtB_ZSv2wqnSWgvah0hN-Ko4s1En6TTl5ZsqfQn6u6VABywkQhhpfMtsAJXCpFHAAfCkgh9iWioD1hKVtcyCbw&cry=1&dbm_d=AKAmf-DeCB-JD-4MjfxOReT730roI00pH7IWdkGpgH-RwdTaLMr0KM8BP7lIa4WpE141AdK7jYhabUlZzwsJ6euqKquIrX2UFbsUCzsgvTlRtwy3fPobrlLe0i_UZkFK_CwWOOjK094kl00TwRyZkSZXLrR6_PzSpuN5ZpLqGrAy3WzjHJf1GGGDS6kN0EoMNEfGt0SqMSuGjbF0BjMvyZNUN-O26ESZugb9Pc9CYCHZk6teY8O44q_fZ7uL7RhXpIOErMmoeVPCku6g84SqKIEVHNnRKCkkEpqQhJAtTt0-UtzakPxfRMZqq9VJz3h7BfViHxUrqSKdk6d6dM9g8-LM2JPVKR9Fgw_s2BwaM9zRq_JiVWOENtkbE1QizhVR2CVB6mK9bquaG2bpps9Fm81d36QDlZKAqatz9C5LMPW0-1IXAOEiaVYUwkri509IODu9MRioLEmpvyWHUkLkBwrndK0YE4RUmTMQDgPLcfrlYMcLp8YtuxDaXwm0KlaqK9b4fRqRFlBgIHySWEJFqWWL2CvkcjCFrAlx1Z5PLqgnzQPGIWwjLcV6cLaWwFPQjaOXG8O9H7MkyK2RGv_5XDxYPPq-S_FQQCUh-zf7kp8B9nMEMoOTc9htY4IKNm3MND1ijdGKpGIrbEs_iVY4sJ8fpaxp2UlLpsqzWxcsKoK8_SYGhoyYPV1uxx5PvoWLewkBNhSq7bcTH7jlAPXaV3maHeFWWxMgqiD3bsVPqkxmHMbUskLblCdBmGXKuxOdGx-DO1zZw44HyqddK6anne5PZdk3Pa4WF2GZqSaPprdIMaCRyoMoju42NIqXaI8hsmMUXvwdCujoQ5zQbJL3_FJ5tG6i6ZjH0lyKKig4MQdyMHS-HsSoUsYSf_Ai_jb48d--0cckXfrKvdk2Ck7CSny3mV2L80aSMCuFkmd_-WnNi52pS8gqMpvH5rK5xSNDgmIkM9hvX11RygrJs7mntOzTcQ3DySt17zY4dGuWI7PPyBXHlrFn511GgmnK54SW7Vns5B3va1_AGkY2Yz_GrKoMUJsyatqjDGzq3xee4LQ4BToW4dF4OO89IR8XYg_QS5DzB14UGJDAKND06kjxLEJV6JItLE4PgXQ5QcNSbFa34C-fb-QixjzGRdmp57FuTWnQWyXyV1j2fBIcb5X9oexSgLvbYHB4JrfbPr0gwnFx0J5J6cjJe_iEzWig7iA4Eaf9b1bRjyIIDM7Kj0ezDJ7OkB896kDTusp9Wl_5rKp_9WceZ2BGuWBcIvH8HuqwFRojJGhuaam8_OHyfvtTv0dnSfgXtGpNMH-Yagl_lei2DkY2_GXqRPYgEl8lWtd93LrU-AwEO7vk6ld3vJS89ZjAD6LHNQq2E7g6gKl48TNdePOUlah4Rpiig97Gwa14fA9BQQR45oYvYuO57QKL2hZ-cbxs0syz6rCbjodfyHdB20PNbDGutEenQSI-AGGh2PBYz49w_szW3RuDU2NPy7fd7TVH05Xo3_9dCPujkBgD0x6QwzNzeHoRL3DOPVZm3Gs4vKiUFlnB-nqlXeLOaadxIcOmbDvE77VBFR8X3qt8konlILNBa5zx9_vBr4IDJ6pWmUQxR6HtBFdfi38FE97hujsOtWn44TILpLHM37sb9EwI7vSSUPvPfvFUxXdsiRd54mcdiyjF_JTty9EBFW6MNs3YdQbR0XJdw5qyRuf2-_1cMGhRS4P_WjV02mIW8PR1V-WvD9WXsv2Qd44xVByP38nYJQUt8CTblba_AqPVpM0rYZ_aNbmbogAji0ntgmSqR839oKd4fUogwQLCNzyjYqhLgD6deR2AwWHXv9aHPlyviGLWwtJEXSo8hkoEQdl_hbbsUGucS5xO2wDVWjsipUcwUW6PKyl6l7PHNXFYjOHrvpGsuQYL3w3TLhrpb9XaeaY1oL2pcmam-q1s1rkY96uLutcSrr3tum-lS-lmTER3VioZHVUUghTf_0mn6agx0i3OW-wnn3ncfldxn1ba5a3vNEZ5hoKecgvc-ON1HpgGZHZYgfH-u3ICxBSxj8LFh2Og-uhRrKsc0GbVnqsFMT8kcJarhhEBhd4hM65A3AmcaAGveFg8_40QMC-Fxyg9hQgzCAb4bhFmv5FXBiBFl9mNLGYP64FVpmrFuV-8OsDQ1yTagRrx7_wylZ1aX4WykPmMlED8y-weXXLzAizCoAkK-4CjBY3Q8-PuFw6TLDlW31lRqUwBTcCJEQzX_YqLaTGzRFeWl3j_KwSx5cjrVB3b2UyjMG6wnF2_e_WYQFXjewfILBYa_7hEQM_4EyT8mawsqk1w5gD_87osliBnpx8RNUP1xIRLtx-2U3n3YEfBmaEWk7HtjJk9LIxTm0W4FyhOHnDcB6Az9AQfG9aZeQhxjd-UZ1Z-pplFYstFhMVrZxC_UIOx9iWbEQk9zC-6UOBwZGJrai32fbfvWJCA4Cf_QeVnzSAlZFlHjGtzoZcCBOJp3fnYvNh2WhtE8vSuw5VJZyyCDxQKr3pxBZyPgERTL-124hYE7CEUj7ddSabrB1W23xber-YiER6RFF2LqaX4k0S-5Kg98Fhl-EKVKUH13KfRmXDM2VJNGLdCUYRfJSO_7Sr0MHIg5czXmUDoH1PHIaU5d8M1cb3WFg7on5abEzS2nSQ_JQfouvgVq08sCV5NxWQw9kERcXYmPvjYXs6QN39oObWeECJozHkg9C06IidEED_icAfq5lYaAOgc8yfWgIwkhlqB9nbBnhXc_VqCj1i6xBPtqY3iZ0AGcAYfYkT4IbpWaXOQDjQHi6Q3K-exPG7BwzYIuA_luxNqSgGqqZ7MnqEwoThqkYDrCoB-QoBPjc-42CcWyRq-MY4SF8yJqWIC7GPIg91FPnqqGIggUgF_cQusMno-wntzVZXxowI_ePoN7C9MDHwloFOVuo3mVHTk1NaFRCN3DvT9lA8ikVKFcDwsG6qRAz-0myRbeNwauTZy9ULnZLFE2kzK59N4t1Ie9XJElZDIwGWw3OEkjJGqPJtwNRQlD9DHEsi7pgWRUBOk4Qh54qV95Re_GVbnn-3dP72pF3LvEzWaosq9v2FG0kwDgVrjCnxEww_cjV7Xxf_avt-piajuIlc-EHV1WU2trTJ_9bPuuHPRlM9eIE5HZ5T7FxwvdFdxxtv6fi2MUshmd_s9oZ8iG_k2CNVIz8ALI3wMXKs8UwfQR_Gt03JA88Y3moLyGpBRDWO0QI9fu-i_UHDm9c7Pk0Ufo_iO3l7W7WKbDjM5ENOv2CRg80l77HUOLZpo_5J1PZJCLzU57zNOVe3u8RT_6-Apg8yqL0hx6ePyvpHAdKA5bgEMS2Aa&cid=CAASFeRo9xmS6FQ0Hw1N79PTH0-GEtUhaQ&rfl=1%2Chttps%253A%252F%252Fwww.klickaud.co%252F%240

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/download.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98c8530636cbd7480e7bf90ae1a26c33656a2147df414e52cb7d6ecd75ea3b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D62A 42 B
173 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNNFX01cAor9xtw_ZX-zTDzcZ05uJS17CGK8sl0G6Cs9aa9sCOoFgim3MkOMgoxHZr6I5vFusZktjXYOfY2JF4T4rXUsKWyExB-bkbn0G5RiwBI6Y

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D62A 2 KB
2 KB 75ms
14ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4398922&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hDWymHEbCkDP6tkgtWPzGi&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Requested by: Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D62A 8 KB
4 KB 75ms
14ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hDWymHEbCkDP6tkgtWPzGi&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Requested by: Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 17:50:16 GMT
Server: Microsoft-IIS/10.0
ETag: "0bc2dc9a3bbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D62A 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:51:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D62A 123 KB
38 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D62A 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:37:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D62A 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhOSHnjDH9G5KtctmQGcx7JHEEGlI7AMF7uaU8oXW6d6IdyDx2-ZWQPaD5gNUOsgOjLwF_ClOvWj0_8yd9GcGH8DbtZQ
Requested by: Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 017F 624 B
558 B 20ms
19ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 16 Oct 2021 13:01:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkIaRe9iJ2zokC9pr1qwOrfWnO-g8k50qVnRwMtA_lu5cxAjuC15XzMpvXE; expires=Thu, 10-Nov-2022 13:01:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACBF 25 KB
13 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BocDIo6Y3U0zV2IxCerZ42_iq9D5XnFkn1ZuxCH6_wjStHx98eyOYEPTCB-NJ_jWELxNMsPaEfxP1RuPDGiShvy1Iu-gnlF_jIsM3PX9tNdTDzcA2K-PAXf0xdRKlFROAeHbPTPqBg0mFrTVVOGOFmuPoz7w&cry=1&dbm_d=AKAmf-DJkoMqej9_EhjrTNuKyQ9f3Nk1AMrjg423Sdy5YtwKP4nU_r7fEWnblEoUKm7mi_UCGN18sJzIyzpgEl39txlcNg6daYdiBlFn1794jyrDg3lnxqV3eP1BKeXZtKajt4PppskwUYe8tE-T_r9FOmqWE2bv4udYkA20cAlzBO5_cFxhZCJC4b0Xfv6mUBlPM1mklD-L8nvc6BL6NoTSTPu2T4eCJkJZJ6m3iGscx39Mi11Z8Bdu12UPvCTuWfgDWRZdNhbE2Rh1ZwU5Y58ZH0HHu8Eh1lv8hq4G-f7_p8jXorcaxcwOWZYPTn9MXrCxX2zOARzfQDZqi877xSxScetVNrBNzuG9SlIsqmZcqzs7cKQ-DpJKDgeNH1E9bansEHqyOJbKolceKAEaF5CMyWKF67YU9aQ-NMpsajuGdY_oFgvaf18DIJbL1xugDQ2xlxJe-4u-IYyRPI3PetJpBdv9dfIxCN7QfQYJPzIJjpmM1pyBSJK1iz-zKnMACSAQRRIyEf4hCzuKewkj7dtqruGOBd4y81p9GlRcufQFFjR9st_nXn1gWiSPUy6hsjCSCACgcJS9l7aOYUdscZ6ltBQgUlC93dz1lMPIGg--XgUqofyg501AUJk4vy4yaLY-MdwfXIdh0b3b7HoQEXruzfK-cU0Xq1-tJiub2Be49m8oKAO_gbyTSu4N5e_mIGhh8b1fiQmfq6qvpVfciIxErrHGw51pk9nZePy2HRSUQuy6C0HQMrIcikHZwD0iIHjRm6zy1_mBfM0pRcVk1PkgDLkiro0oGRy6Y6vzk8S8CQvFwKSnKDsKcYNlvIZnGCAK-Ib55DFY6q0o3XDz5Jhp_i46Tgpn7JmZh0T-Cwu24vpS0Tp6yhGDjXnbTJlOmCvCCwuXYFiEcRq-0OD03PHmHHOd_FuWkl8mDGRoj0Cvqo18Bgs13BskjM4-1R7BHdNybg1aOQ_MAT7358TspX13PL0BFFkhT5l05o0J539bYTs43VflOKsJbbuFSNTHge-0p80ANlpLROyUc7aAnV9vTO_vJ6Fq6xWhGxh3dPmpgvgfISrnrRLxOB3wZb2gZFrL4t6Jz5MxuzO74yHffkQf4HEfTIQhFc1YjM-JlSTbBGyWJyjVYAKNWiZRoB519ojKa8YbCdztDJCDLP_iDPlieJFSQrI2se8HH6q6gFCL3Es0STymWMi0kmkaUpOy53QKzG1pUxVqKoCKDhK_Y_p6OT-C1p8bK_jTee7B2MGQzKap313o_yArhqYviy8NqG85_XFEBMqeiSWEMkvcchgT22w3YvN_9yx9_yAg5iSrz3LKFev35Qazl1EyUET3Qkr_ub-O65DoKTZDZO1xvhQkG33A8tbiW6U-ujOFx6rL077G4VbvknHXEkOg2FY3H1kDPJs2a-Ix7l9PLFxuLmgQXoYF9sdWUBg9s4KgQzmT8BLNXBEwCLOXGz9Zh46647xHkwJFIgeNohvCMZxOn3RURp6cE9utkTLIV_0wvbrk_a3k38bnvyA1EXIZuFMh5HWWFZH9xznoBSA6qJ0P23Mz8cYCz75jOEu53xdYFbmORd23xneJMXAvnO90iNCLxFiQddpkeAvlneph4CssbdZh4qI-vYww-hANM8CPD_s6e1-hTI-dCSdBCMT7hL9JN-SC3YI9R-uga1zAbjTVyiIMwm-0DLNrbYpiLNjVFBkcrdjTIMj8ExO3tklDAnJ9j7uwl2VHyf89rM9HtN6GjAEz8YlxwMirvlQZ9vHWev30so879BUOpQPBgr0fdOh7XnizzMTOpmBT_9E5_PAF6K-D6TA_gTqktqhQJvm-wcD5RDSfflmWmozB_jCNKJ_JTUvBviHjyJp6pbbRGcc3lSMM9IMCO_Go2Erq0XrstDjxgmyaDCOe2gNiNFHAuC6kqi5ASg3EsnKEqjmikN3ed2yBBZS4-8Z24HzoqaGdWs6QPrRGlgO2l1oN7IzQ9Nm5LJzqAlitMWcHb4Az-E1k-l3CI0EtcPGlQ4TX9J1-iDSySmkgU-agLf9VhgM9j8nVAf4ad4roEYsvUA6ktKIshifP9Ll25eohPR3x3xDsDwqKB7h5oAbZE9diK1HKs4ZPkrtsANN3yBQXf7cyw8DIh2BLV8acwN2lrNkTgK_DJxh3ESmEaxVdwXmGlNH3m5sglj-dLHylTV-n7wkgHr6mvIaVDyxlJ28qho7DUD6G_Bp2_YqTYpy4AOP6V-19eG9isT-6YluhLqwfPOLKHP5pS0lj1qJDo_7MusbeQbkL5jn9BeNdU6TLqkRis3-NhVH7ojNu_VmAPg0VXOWIqhRgFYVoGfVc2maCe1swz4VDoAeu6OPpT6_G_EHIbC-s0WXA1i9oLEzjbuN21rxm6VPE4lpjs2Adm5jf1ert7biF3r2pXY5DpfBR4WEEmoGu6JUozPZaixQEY0n8wIzUyKl_ob9CPODNlxDKHbMqckxKtGku0VEPCoHyfC4P1VHG8x4Eu5hseQOTttO7N1DH7ynBkh8hEiCU2wDdwsUrk6PFGN4l2_Domus9HWTyjJG8Lm2fAxOgqKHi6_Pl7qWhg5VxabrlV9q7Q4bSVhOnUCJBKtNdZdgMxKwxv6lOiJZ1dLmDQnZMlmtuXB4sgTj259iaAPfGzdB8U4E4an7vssapkoZxoEMfd4jjXfFeXn1WDiuOLc9yTbbCVZ-uorbny_rq4TqsTdnGs0cIHOnzZ6v74ivD8uXspCk16zt9B2Q_9EYCvT7OaC-_702zUb2XUhuD3kxI1ndmUn-2_sHyPeCjJTyz3Kr6lHUyTyC0HRAW3kxW_R014Zlm0G4Yurqfwc_FecjGPGayISTjjHl6IH0KmHWSMnzWilKggs-Scgifk4ape5AfKW5FIDc8pNhOsnx4ByZcGB3k0Z8Fgyv8MyWumXLhcHRUush7JcFEsnrsCgLUeg6IRAX1T7kqG4e-MySTJY7mG6pcuN3hiGiinkAgHDbeVGyh0DclYy-krhZU_iv-CMbybtLPlEfwtwczdBFWv3bI3Cjyel-h5Q2TvPSHAbR1-Nqw7BDQWoWfGpT2plZet3m5-Oiq6n8vH0uzTMKAZGYGpuA2IbEFye6T_LeN-YT6XEyy0mxPcgNwrqT2im9fwCyaSMdYamR8Y106mSmQf0jt0D_T6C-nZuwX1T-suZ8hCz2aQhcQAsikG79yNaAFDvHQvgIGk37LkpnJrJHAiHQh0M3er__k8u-rTbyHQ8hT8zZqEkozCRGmvjS8QpFemjArSL95hI13Azfw88h0_JKsRlEcvYQEgtoPx_dziF_m92i19Eo4qPvGYA7k8NA5IuP587WDAAXFQey8fWThax5tv9yp8EGtHA&cid=CAASFeRoS3fs1o2V0Dg4itCdQd5udRZZww&rfl=1%2Chttps%253A%252F%252Fwww.klickaud.co%252F%240

Requested by

Host: www.klickaud.co
URL: https://www.klickaud.co/download.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20641f81194e1372d59fe660b0c7ca7c98b42df171fc741f0c84f7dd35eda3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACBF 42 B
107 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZ-39INosnM3mUJB3S4hPHVhIlkSoSILuIptg5fzlkKpngfoOf316I-h3fxohHX-nviHmr7jAHq-rf0avrx9-L2U3HpYtN1U7lF-EuQ3TBo_BEzO4

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame ACBF 2 KB
2 KB 69ms
13ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4398922&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hq3PEttyvlBnDE4g52t1-y&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Requested by: Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame ACBF 8 KB
4 KB 69ms
13ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hq3PEttyvlBnDE4g52t1-y&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Requested by: Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 17:50:16 GMT
Server: Microsoft-IIS/10.0
ETag: "0bc2dc9a3bbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame ACBF 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:51:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACBF 123 KB
37 KB 56ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame ACBF 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:37:32 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 47ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101301&jk=322758313350626&bg=!ammlaS3NAAao6lBpqOo7ACkAdvg8WpsjJhQOTgjdXi_8vq8AURYPelcLozxbnkwmr5AhFmRRaaCuNAIAAACXUgAAAAhoAQeZAs0ERanxNlT3Io1rVfivWD-xsGO7uAswT1l-OJ6zJuw2zR7PxElr8vr5WFT8G70LH-XQ_f7qY-wxl21Mnq35HpYybZDfkR2K8pOtm2fgJmgp12mH8FJ8uBaBSgCn3Q9LAdkJrgyvxTyc5hQfnNeBrUSOYvMDc2aC1hTRfVbm_2bq5Xe2RaoJn8ywuz9s_JmdaT7DJpMwzhw8W_cq2ugBJwLipLMfJVew6xHyuTr0k4st5wjRWMzRnXwSORzZ58lFumeQv0eouw91VL6xTuEeSpcjznf-Eeaohnh3fI4iZAngf1uBgQki5cywEYWwwWZy4MSI2NihuRSfNWTgQqAiBhZzLZ2RdMeuEC6pPOT2WVhRPJ5uL2x6doWpMIJ4pCwRLKAdhy27VIsEQmIyGAErF_yYt87mwDgnuRk599lEUatOBHZjWN1WKaqGz-VeXy6QXu3NGWnMdGTlbx-lW1QB3nkJcE6l-zdRD39Y5umQWp2C_DLzdmfNBAEu7jEJ7KrrG5CmXh6XvKUvsjPF2yOA2vTV5F0AY1sT3kHEpmKcQkOsr7DbVgFgntT4dEFWu8wZtRRZL1klhlL9sXill352ja-bXbzx1TBF5jbm9ujrYrNC3yYMfv8T1npplF-rfFSQ-BYSgoSnDoVj1jZZhbDoTp-o00rfV1GqDndIlwMKzhs5fRbp7XbVXirxLbbLROOiavHnUXDPLDVQnli8EBSFSeZ9t9X8YTWkS0E0LtTn26PP0YT4bpP8h0bKPXuluhrQrDBlqX0XjOdOfnck73UBIb5YdUnuSOwGD4ZTgu90YlGuUHKJ40EIEyADpOqy4b8J831Wl3B9ycfh4Oynm4dDWa3Rr6cS2bE0nuJsazBZzJNl6i4bKZ93dYMffXv5GFMZ4bPobdcTcUoiem3wgM9W_bH0u7VqG8llfYwxuJnV-4Bj70ZO6zUaK6uRWHfbtoM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klickaud.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 16 Oct 2021 13:01:18 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWrNHtwavieIEXgWCH6wowAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 16 Oct 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1B67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

43 B
1006 B

8ms
8ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWJyDpqftM-kX38u7MgBSF3iqW0z0hCU4bzKTKsmhi0ssQOhPnIWal8OEWQBIMJ6pfsMu1yUp5tOLeS5a6fgOlUODmi75KpTm_dKbPqfSYjTwhjdPGL1h_dOQ7WfAoOfnyrmPN1iFCRtT4SUGHG_qLDa9ZO-4o4RHzGZipebjXumGUlvWo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fd7223d6-d03f-4463-8f63-1cf7f051230e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B67
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk2NzM2MDU5OTU2OTA1MDgzMQ%3D%3D

170 B
188 B

34ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk2NzM2MDU5OTU2OTA1MDgzMQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3d98dbb0-7f82-47c5-90c0-9a054b5a527f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk2NzM2MDU5OTU2OTA1MDgzMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 017F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 16 Oct 2021 13:01:18 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtcgCLVhIk44NxqV75BxFY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 16 Oct 2021 13:01:18 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 017F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWrNHtwavieIEXgWCH6wowAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 16 Oct 2021 13:01:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECDEm3onVGBOGrezL8O1orQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 017F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

43 B
1006 B

17ms
8ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjI68SjATAB&v=APEucNWRKUFGjIBzET7Qhtvr4_x-2ppXpK2rK0AVj_f_kNjq9yGxRtYPXeRCo8T0vDrjdhuFo7zqMbX8U5ViT6ma6MHG-Wnu9h_vDQZR5rDh13dnRUjO0FirlfhRtvXVZHjBsVa1pOnsVbsezGeMfed9N5-tQC9jtfUbT7NuwOBSfuJmYo3E3_A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b3af6d58-25fe-4314-af66-266f9cef6cb5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF_6iyKF8E_VDZlRuUMKu4E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 017F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkzNzM2Njc1NTg5NDE2ODYyMA%3D%3D

170 B
188 B

23ms
22ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkzNzM2Njc1NTg5NDE2ODYyMA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4a64c8d1-db37-4ae2-9e25-b5a0d2496eff
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkzNzM2Njc1NTg5NDE2ODYyMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame D62A 23 KB
9 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQO9LLrtC_lnX8qYM8oF-tFjN7EZMN9vtBa6leDOV5BknXDpHW5m6rVlf8QO6XMh2R0x8AgtB_ZSv2wqnSWgvah0hN-Ko4s1En6TTl5ZsqfQn6u6VABywkQhhpfMtsAJXCpFHAAfCkgh9iWioD1hKVtcyCbw&cry=1&dbm_d=AKAmf-DeCB-JD-4MjfxOReT730roI00pH7IWdkGpgH-RwdTaLMr0KM8BP7lIa4WpE141AdK7jYhabUlZzwsJ6euqKquIrX2UFbsUCzsgvTlRtwy3fPobrlLe0i_UZkFK_CwWOOjK094kl00TwRyZkSZXLrR6_PzSpuN5ZpLqGrAy3WzjHJf1GGGDS6kN0EoMNEfGt0SqMSuGjbF0BjMvyZNUN-O26ESZugb9Pc9CYCHZk6teY8O44q_fZ7uL7RhXpIOErMmoeVPCku6g84SqKIEVHNnRKCkkEpqQhJAtTt0-UtzakPxfRMZqq9VJz3h7BfViHxUrqSKdk6d6dM9g8-LM2JPVKR9Fgw_s2BwaM9zRq_JiVWOENtkbE1QizhVR2CVB6mK9bquaG2bpps9Fm81d36QDlZKAqatz9C5LMPW0-1IXAOEiaVYUwkri509IODu9MRioLEmpvyWHUkLkBwrndK0YE4RUmTMQDgPLcfrlYMcLp8YtuxDaXwm0KlaqK9b4fRqRFlBgIHySWEJFqWWL2CvkcjCFrAlx1Z5PLqgnzQPGIWwjLcV6cLaWwFPQjaOXG8O9H7MkyK2RGv_5XDxYPPq-S_FQQCUh-zf7kp8B9nMEMoOTc9htY4IKNm3MND1ijdGKpGIrbEs_iVY4sJ8fpaxp2UlLpsqzWxcsKoK8_SYGhoyYPV1uxx5PvoWLewkBNhSq7bcTH7jlAPXaV3maHeFWWxMgqiD3bsVPqkxmHMbUskLblCdBmGXKuxOdGx-DO1zZw44HyqddK6anne5PZdk3Pa4WF2GZqSaPprdIMaCRyoMoju42NIqXaI8hsmMUXvwdCujoQ5zQbJL3_FJ5tG6i6ZjH0lyKKig4MQdyMHS-HsSoUsYSf_Ai_jb48d--0cckXfrKvdk2Ck7CSny3mV2L80aSMCuFkmd_-WnNi52pS8gqMpvH5rK5xSNDgmIkM9hvX11RygrJs7mntOzTcQ3DySt17zY4dGuWI7PPyBXHlrFn511GgmnK54SW7Vns5B3va1_AGkY2Yz_GrKoMUJsyatqjDGzq3xee4LQ4BToW4dF4OO89IR8XYg_QS5DzB14UGJDAKND06kjxLEJV6JItLE4PgXQ5QcNSbFa34C-fb-QixjzGRdmp57FuTWnQWyXyV1j2fBIcb5X9oexSgLvbYHB4JrfbPr0gwnFx0J5J6cjJe_iEzWig7iA4Eaf9b1bRjyIIDM7Kj0ezDJ7OkB896kDTusp9Wl_5rKp_9WceZ2BGuWBcIvH8HuqwFRojJGhuaam8_OHyfvtTv0dnSfgXtGpNMH-Yagl_lei2DkY2_GXqRPYgEl8lWtd93LrU-AwEO7vk6ld3vJS89ZjAD6LHNQq2E7g6gKl48TNdePOUlah4Rpiig97Gwa14fA9BQQR45oYvYuO57QKL2hZ-cbxs0syz6rCbjodfyHdB20PNbDGutEenQSI-AGGh2PBYz49w_szW3RuDU2NPy7fd7TVH05Xo3_9dCPujkBgD0x6QwzNzeHoRL3DOPVZm3Gs4vKiUFlnB-nqlXeLOaadxIcOmbDvE77VBFR8X3qt8konlILNBa5zx9_vBr4IDJ6pWmUQxR6HtBFdfi38FE97hujsOtWn44TILpLHM37sb9EwI7vSSUPvPfvFUxXdsiRd54mcdiyjF_JTty9EBFW6MNs3YdQbR0XJdw5qyRuf2-_1cMGhRS4P_WjV02mIW8PR1V-WvD9WXsv2Qd44xVByP38nYJQUt8CTblba_AqPVpM0rYZ_aNbmbogAji0ntgmSqR839oKd4fUogwQLCNzyjYqhLgD6deR2AwWHXv9aHPlyviGLWwtJEXSo8hkoEQdl_hbbsUGucS5xO2wDVWjsipUcwUW6PKyl6l7PHNXFYjOHrvpGsuQYL3w3TLhrpb9XaeaY1oL2pcmam-q1s1rkY96uLutcSrr3tum-lS-lmTER3VioZHVUUghTf_0mn6agx0i3OW-wnn3ncfldxn1ba5a3vNEZ5hoKecgvc-ON1HpgGZHZYgfH-u3ICxBSxj8LFh2Og-uhRrKsc0GbVnqsFMT8kcJarhhEBhd4hM65A3AmcaAGveFg8_40QMC-Fxyg9hQgzCAb4bhFmv5FXBiBFl9mNLGYP64FVpmrFuV-8OsDQ1yTagRrx7_wylZ1aX4WykPmMlED8y-weXXLzAizCoAkK-4CjBY3Q8-PuFw6TLDlW31lRqUwBTcCJEQzX_YqLaTGzRFeWl3j_KwSx5cjrVB3b2UyjMG6wnF2_e_WYQFXjewfILBYa_7hEQM_4EyT8mawsqk1w5gD_87osliBnpx8RNUP1xIRLtx-2U3n3YEfBmaEWk7HtjJk9LIxTm0W4FyhOHnDcB6Az9AQfG9aZeQhxjd-UZ1Z-pplFYstFhMVrZxC_UIOx9iWbEQk9zC-6UOBwZGJrai32fbfvWJCA4Cf_QeVnzSAlZFlHjGtzoZcCBOJp3fnYvNh2WhtE8vSuw5VJZyyCDxQKr3pxBZyPgERTL-124hYE7CEUj7ddSabrB1W23xber-YiER6RFF2LqaX4k0S-5Kg98Fhl-EKVKUH13KfRmXDM2VJNGLdCUYRfJSO_7Sr0MHIg5czXmUDoH1PHIaU5d8M1cb3WFg7on5abEzS2nSQ_JQfouvgVq08sCV5NxWQw9kERcXYmPvjYXs6QN39oObWeECJozHkg9C06IidEED_icAfq5lYaAOgc8yfWgIwkhlqB9nbBnhXc_VqCj1i6xBPtqY3iZ0AGcAYfYkT4IbpWaXOQDjQHi6Q3K-exPG7BwzYIuA_luxNqSgGqqZ7MnqEwoThqkYDrCoB-QoBPjc-42CcWyRq-MY4SF8yJqWIC7GPIg91FPnqqGIggUgF_cQusMno-wntzVZXxowI_ePoN7C9MDHwloFOVuo3mVHTk1NaFRCN3DvT9lA8ikVKFcDwsG6qRAz-0myRbeNwauTZy9ULnZLFE2kzK59N4t1Ie9XJElZDIwGWw3OEkjJGqPJtwNRQlD9DHEsi7pgWRUBOk4Qh54qV95Re_GVbnn-3dP72pF3LvEzWaosq9v2FG0kwDgVrjCnxEww_cjV7Xxf_avt-piajuIlc-EHV1WU2trTJ_9bPuuHPRlM9eIE5HZ5T7FxwvdFdxxtv6fi2MUshmd_s9oZ8iG_k2CNVIz8ALI3wMXKs8UwfQR_Gt03JA88Y3moLyGpBRDWO0QI9fu-i_UHDm9c7Pk0Ufo_iO3l7W7WKbDjM5ENOv2CRg80l77HUOLZpo_5J1PZJCLzU57zNOVe3u8RT_6-Apg8yqL0hx6ePyvpHAdKA5bgEMS2Aa&cid=CAASFeRo9xmS6FQ0Hw1N79PTH0-GEtUhaQ&rfl=1%2Chttps%253A%252F%252Fwww.klickaud.co%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:56:43 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D62A 41 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame ACBF 23 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BocDIo6Y3U0zV2IxCerZ42_iq9D5XnFkn1ZuxCH6_wjStHx98eyOYEPTCB-NJ_jWELxNMsPaEfxP1RuPDGiShvy1Iu-gnlF_jIsM3PX9tNdTDzcA2K-PAXf0xdRKlFROAeHbPTPqBg0mFrTVVOGOFmuPoz7w&cry=1&dbm_d=AKAmf-DJkoMqej9_EhjrTNuKyQ9f3Nk1AMrjg423Sdy5YtwKP4nU_r7fEWnblEoUKm7mi_UCGN18sJzIyzpgEl39txlcNg6daYdiBlFn1794jyrDg3lnxqV3eP1BKeXZtKajt4PppskwUYe8tE-T_r9FOmqWE2bv4udYkA20cAlzBO5_cFxhZCJC4b0Xfv6mUBlPM1mklD-L8nvc6BL6NoTSTPu2T4eCJkJZJ6m3iGscx39Mi11Z8Bdu12UPvCTuWfgDWRZdNhbE2Rh1ZwU5Y58ZH0HHu8Eh1lv8hq4G-f7_p8jXorcaxcwOWZYPTn9MXrCxX2zOARzfQDZqi877xSxScetVNrBNzuG9SlIsqmZcqzs7cKQ-DpJKDgeNH1E9bansEHqyOJbKolceKAEaF5CMyWKF67YU9aQ-NMpsajuGdY_oFgvaf18DIJbL1xugDQ2xlxJe-4u-IYyRPI3PetJpBdv9dfIxCN7QfQYJPzIJjpmM1pyBSJK1iz-zKnMACSAQRRIyEf4hCzuKewkj7dtqruGOBd4y81p9GlRcufQFFjR9st_nXn1gWiSPUy6hsjCSCACgcJS9l7aOYUdscZ6ltBQgUlC93dz1lMPIGg--XgUqofyg501AUJk4vy4yaLY-MdwfXIdh0b3b7HoQEXruzfK-cU0Xq1-tJiub2Be49m8oKAO_gbyTSu4N5e_mIGhh8b1fiQmfq6qvpVfciIxErrHGw51pk9nZePy2HRSUQuy6C0HQMrIcikHZwD0iIHjRm6zy1_mBfM0pRcVk1PkgDLkiro0oGRy6Y6vzk8S8CQvFwKSnKDsKcYNlvIZnGCAK-Ib55DFY6q0o3XDz5Jhp_i46Tgpn7JmZh0T-Cwu24vpS0Tp6yhGDjXnbTJlOmCvCCwuXYFiEcRq-0OD03PHmHHOd_FuWkl8mDGRoj0Cvqo18Bgs13BskjM4-1R7BHdNybg1aOQ_MAT7358TspX13PL0BFFkhT5l05o0J539bYTs43VflOKsJbbuFSNTHge-0p80ANlpLROyUc7aAnV9vTO_vJ6Fq6xWhGxh3dPmpgvgfISrnrRLxOB3wZb2gZFrL4t6Jz5MxuzO74yHffkQf4HEfTIQhFc1YjM-JlSTbBGyWJyjVYAKNWiZRoB519ojKa8YbCdztDJCDLP_iDPlieJFSQrI2se8HH6q6gFCL3Es0STymWMi0kmkaUpOy53QKzG1pUxVqKoCKDhK_Y_p6OT-C1p8bK_jTee7B2MGQzKap313o_yArhqYviy8NqG85_XFEBMqeiSWEMkvcchgT22w3YvN_9yx9_yAg5iSrz3LKFev35Qazl1EyUET3Qkr_ub-O65DoKTZDZO1xvhQkG33A8tbiW6U-ujOFx6rL077G4VbvknHXEkOg2FY3H1kDPJs2a-Ix7l9PLFxuLmgQXoYF9sdWUBg9s4KgQzmT8BLNXBEwCLOXGz9Zh46647xHkwJFIgeNohvCMZxOn3RURp6cE9utkTLIV_0wvbrk_a3k38bnvyA1EXIZuFMh5HWWFZH9xznoBSA6qJ0P23Mz8cYCz75jOEu53xdYFbmORd23xneJMXAvnO90iNCLxFiQddpkeAvlneph4CssbdZh4qI-vYww-hANM8CPD_s6e1-hTI-dCSdBCMT7hL9JN-SC3YI9R-uga1zAbjTVyiIMwm-0DLNrbYpiLNjVFBkcrdjTIMj8ExO3tklDAnJ9j7uwl2VHyf89rM9HtN6GjAEz8YlxwMirvlQZ9vHWev30so879BUOpQPBgr0fdOh7XnizzMTOpmBT_9E5_PAF6K-D6TA_gTqktqhQJvm-wcD5RDSfflmWmozB_jCNKJ_JTUvBviHjyJp6pbbRGcc3lSMM9IMCO_Go2Erq0XrstDjxgmyaDCOe2gNiNFHAuC6kqi5ASg3EsnKEqjmikN3ed2yBBZS4-8Z24HzoqaGdWs6QPrRGlgO2l1oN7IzQ9Nm5LJzqAlitMWcHb4Az-E1k-l3CI0EtcPGlQ4TX9J1-iDSySmkgU-agLf9VhgM9j8nVAf4ad4roEYsvUA6ktKIshifP9Ll25eohPR3x3xDsDwqKB7h5oAbZE9diK1HKs4ZPkrtsANN3yBQXf7cyw8DIh2BLV8acwN2lrNkTgK_DJxh3ESmEaxVdwXmGlNH3m5sglj-dLHylTV-n7wkgHr6mvIaVDyxlJ28qho7DUD6G_Bp2_YqTYpy4AOP6V-19eG9isT-6YluhLqwfPOLKHP5pS0lj1qJDo_7MusbeQbkL5jn9BeNdU6TLqkRis3-NhVH7ojNu_VmAPg0VXOWIqhRgFYVoGfVc2maCe1swz4VDoAeu6OPpT6_G_EHIbC-s0WXA1i9oLEzjbuN21rxm6VPE4lpjs2Adm5jf1ert7biF3r2pXY5DpfBR4WEEmoGu6JUozPZaixQEY0n8wIzUyKl_ob9CPODNlxDKHbMqckxKtGku0VEPCoHyfC4P1VHG8x4Eu5hseQOTttO7N1DH7ynBkh8hEiCU2wDdwsUrk6PFGN4l2_Domus9HWTyjJG8Lm2fAxOgqKHi6_Pl7qWhg5VxabrlV9q7Q4bSVhOnUCJBKtNdZdgMxKwxv6lOiJZ1dLmDQnZMlmtuXB4sgTj259iaAPfGzdB8U4E4an7vssapkoZxoEMfd4jjXfFeXn1WDiuOLc9yTbbCVZ-uorbny_rq4TqsTdnGs0cIHOnzZ6v74ivD8uXspCk16zt9B2Q_9EYCvT7OaC-_702zUb2XUhuD3kxI1ndmUn-2_sHyPeCjJTyz3Kr6lHUyTyC0HRAW3kxW_R014Zlm0G4Yurqfwc_FecjGPGayISTjjHl6IH0KmHWSMnzWilKggs-Scgifk4ape5AfKW5FIDc8pNhOsnx4ByZcGB3k0Z8Fgyv8MyWumXLhcHRUush7JcFEsnrsCgLUeg6IRAX1T7kqG4e-MySTJY7mG6pcuN3hiGiinkAgHDbeVGyh0DclYy-krhZU_iv-CMbybtLPlEfwtwczdBFWv3bI3Cjyel-h5Q2TvPSHAbR1-Nqw7BDQWoWfGpT2plZet3m5-Oiq6n8vH0uzTMKAZGYGpuA2IbEFye6T_LeN-YT6XEyy0mxPcgNwrqT2im9fwCyaSMdYamR8Y106mSmQf0jt0D_T6C-nZuwX1T-suZ8hCz2aQhcQAsikG79yNaAFDvHQvgIGk37LkpnJrJHAiHQh0M3er__k8u-rTbyHQ8hT8zZqEkozCRGmvjS8QpFemjArSL95hI13Azfw88h0_JKsRlEcvYQEgtoPx_dziF_m92i19Eo4qPvGYA7k8NA5IuP587WDAAXFQey8fWThax5tv9yp8EGtHA&cid=CAASFeRoS3fs1o2V0Dg4itCdQd5udRZZww&rfl=1%2Chttps%253A%252F%252Fwww.klickaud.co%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 12:56:43 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACBF 41 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7A63 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 193573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5632 22 KB
8 KB 10ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 193573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame ACBF 61 KB
19 KB 12ms
11ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4398922&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hq3PEttyvlBnDE4g52t1-y&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame D62A 61 KB
19 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4398922&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hDWymHEbCkDP6tkgtWPzGi&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&turl=https://www.klickaud.co/download.php&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A63 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:44:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:44:01 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 8B97 1 KB
1 KB 34ms
8ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=66361
Date: Sat, 16 Oct 2021 13:01:18 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D62A 2 KB
1 KB 103ms
11ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_805162036097&jsTagObjCallback=__tagObject_callback_805162036097&num=6&ctx=1828362&cmp=115750&plc=4398922&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=805162036097&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=93&bridua=3&dup=null&turl=https://www.klickaud.co/download.php&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hDWymHEbCkDP6tkgtWPzGi&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&dvp_exetime=8.40&callbackName=__verify_callback_805162036097
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d248ff908ad5e4fa3eef244e0af263254ea69b7b8367ed0acf3939949941b0c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Sat, 16 Oct 2021 13:01:17 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:18 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 15D2 4 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=85402
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 7DE9 1 KB
1 KB 19ms
8ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=66361
Date: Sat, 16 Oct 2021 13:01:18 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame ACBF 2 KB
1 KB 83ms
14ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_87645877413&jsTagObjCallback=__tagObject_callback_87645877413&num=6&ctx=1828362&cmp=115750&plc=4398922&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=87645877413&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=93&bridua=3&dup=null&turl=https://www.klickaud.co/download.php&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hq3PEttyvlBnDE4g52t1-y&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&dvp_exetime=7.60&callbackName=__verify_callback_87645877413
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 143ed3274be57d03a3c259bd246f8ffcdb13de76f230302fef29baf433a578f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Sat, 16 Oct 2021 13:01:18 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:18 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame E591 4 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=85402
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5632 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 11:44:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13301
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 16 Oct 2022 11:44:01 GMT

POST
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ Frame D62A 807 B
1 KB 55ms
10ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=663cd7fd2f2140368063903e3f434b0b&dvp_or2=1&cbust=1634389278568165
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/15/2021 1:01:18 PM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D62A 9 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4403
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 16:41:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 16 Oct 2021 13:39:59 GMT

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame ACBF 807 B
1 KB 43ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=a01160f29c9b4c639862dafbebbc523c&dvp_or2=1&cbust=1634389278569547
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/15/2021 1:01:18 PM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame ACBF 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 12:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4403
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 16:41:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 16 Oct 2021 13:39:59 GMT

GET
H2 200 impl_v80.js Show response
www.googletagservices.com/dcm/ Frame ACBF 37 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v80.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15821
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:32:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 18:49:56 GMT

GET
H2 200 impl_v80.js Show response
www.googletagservices.com/dcm/ Frame D62A 37 KB
16 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v80.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15821
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 14:32:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 18:49:56 GMT

GET
H2 200 B9689862.280630144;dc_ver=80.232;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3346616624;ord=ol4t7e;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame ACBF 43 KB
21 KB 73ms
35ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3346616624;ord=ol4t7e;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=20;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v80.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

9f44e2c3c0c139e79601622db1bd3081fddeb022bd436f78f1a3d9e41d67ca85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280630144;dc_ver=80.232;sz=728x90;u_sd=1;dc_adk=3013400691;ord=blh8zj;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klick... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame D62A 43 KB
21 KB 59ms
39ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;sz=728x90;u_sd=1;dc_adk=3013400691;ord=blh8zj;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=38;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v80.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

75a8b8f7669289b5539dab2ec4220396228ba2306f3f59c5f683242d7e54f9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame ACBF 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3346616624;ord=ol4t7e;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=20;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 13:00:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACBF 0
60 B 104ms
51ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuASpu33RYvjGWWG8zMoJrxD5gYEmWn_fsLeEqrmyfWTzBjhoC0O_8-6neE1HaUyJe8LwIwGNmbBxtBkc-v8SAaSXFG_kdp0L9byAcf1finteqk7oZUBnwyJ-qMRbATMcKCSsSJYkkT19GoOE8ScA1c&sig=Cg0ArKJSzMNvRsbrIdGxEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211013.88284&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame ACBF 8 KB
4 KB 16ms
16ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3346616624;ord=ol4t7e;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=20;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 17:50:16 GMT
Server: Microsoft-IIS/10.0
ETag: "0bc2dc9a3bbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 thinkinghuts-english-728x90.jpg
s0.2mdn.net/2276943/ Frame ACBF 69 KB
70 KB 88ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/thinkinghuts-english-728x90.jpg

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:49:05 GMT
x-content-type-options: nosniff
age: 83533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:32:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 13:49:05 GMT

GET
H2 200 thinkinghuts-english-728x90.jpg
s0.2mdn.net/2276943/ Frame D62A 69 KB
70 KB 93ms
14ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/thinkinghuts-english-728x90.jpg

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;sz=728x90;u_sd=1;dc_adk=3013400691;ord=blh8zj;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=38;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 13:49:05 GMT
x-content-type-options: nosniff
age: 83533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:32:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Oct 2021 13:49:05 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame D62A 8 KB
3 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 13:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 13:00:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D62A 0
545 B 98ms
50ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviN1HiC-0oXXkWxN18K5Yeio1YHVgLxbCb9nza-Frmj_0Na-yl4S1UF3A-8-VIXJ0et8hejzsGKKE4iCzxOg6_aT-MAD0NDVcDa2fHix_LhXpkeYqXQdF95gk-GgaH-O1VOqLKQFgS5lLwpWrnfh1m&sig=Cg0ArKJSzBBLyEPR5AVQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211013.11409&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D62A 8 KB
4 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=80.232;sz=728x90;u_sd=1;dc_adk=3013400691;ord=blh8zj;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.klickaud.co%2F$0;xdt=1;crlt=_0yDmz.O'M;sttr=38;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 17:50:16 GMT
Server: Microsoft-IIS/10.0
ETag: "0bc2dc9a3bbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38BB 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 193573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C4F 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 193573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A63 0
56 B 46ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnyJZHs1qYZfxFMX8gQe1iaeYCgAAAAA4AeAEAg&bg=!-fql-r7NAAao6lBpqOo7ACkAdvg8WqEDAlqpqsJ4byi3l5MmlJpGwv9SoKkAR4vg-il3XbalzuE-QwIAAACuUgAAAAxoAQeZAxUtaOQMJsC9py80YyfIbp1uHWwkseVfJ8SElBNhrg4schsYmRCLW8Orgijj5VlL7FN8eEM_DdP1i7ovV-CCiN92Tl6imF-mPURmnmUPSNRyWvJX5V5klYaDNofT-jjJaKoNC5SRT4UaHZOuXV_WrdeIzX03g45dOq-Sccu54tiu-f0MpFqZ56Cb3RCzYC_rK5vdylrHC7X24ndUE7Hzvd2gBkz2dMk8gaTLWeCiWqC12yNbbi9bpdL-87fLu0VGwWJSQwh6IzdZqJA1YppiJfc__4gl90_ixVcoZqTAyefzPdKsL9qa2stCZcYNbhXioHwhSMbjvkopAy_v7U4wmwyiXLPd1FACSe8M5O8GEAK7ESvS_qk2RhNAuGbXgydm0bXqA9tuOReQAJxov3AtmwfpaJCFsRJshY9H1xUc4_MnQ_dmat42pL52WewXk7VysQL9Z3XVG6KVAcBQLWu2diBg_NLvxhKTeoZTDIUUpi3yKgNCXIHGb84-W0rYpSjYVdGcXaxMHTsYm8xwQ41HxdNfk8A-Epji7GLSe7IVCXSN2uYxJXY8IsndZhOqerIs9s1qHOOlOxqxlmorPUxjSQSX1ijf4v8xROyoPYBYW1HRIuMReBwp7ZDx_0YJHdPK6IyCEoy8ZzaEAg8JtcJUh5CufP6v_88W47K11JNZzYd83gVqRLAVg-qA7Ax_JEUQVc7JJQenaYZi-UKf9Xi9cm4yM4rqH2ErD18IFoHQhvqwG-cWSeuFyoPbKD3FK6ridbyHfLZ2EheVmIvFypfEEHCfgeI49SaE00ap6LZsSpR93SP0CkuOBP7-df0yUglmw7Z7Btls_4j9c7PARxsmFeK_XXqooeOuC4plCxVDZ5TH873kTJWdZUuYHYh6aNag7S1qBntHFzydeMS4im4qrkB6sJwFIGvytjY4AjROeC7zO0Tb3MXuonDNCdOmM1yOZDsYG70iV8sAnDpp_RWb-CRY79BcGNjyJYfkgErdUS1bPYk0VRk_NAl7qbu26S0DIHrJNwa7Na68Z15S3j7umDFHATE8keM

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame A883 495 KB
90 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
DATA 200
OK truncated
/ Frame ACBF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e74af4e72a34ff59d7ad0d1ddd0284997bc88c0cab70cb4dd782a0680a6e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5632 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BheeDHs1qYZ6aFYHC7_UPwp-F6AQAAAAAOAHgBAI&bg=!mZqlmt7NAAao6lBpqOo7ACkAdvg8WqlUKKVm2Xarlk0HKf9ubbDbWoULlcKbzsS9U3cZPWIcAgw7dwIAAACOUgAAADdoAQeZAvtKeeN27ke4w4nb2xzpaHTBkXtaabmCCfLARLJwU57--6xY0mRcibn_bvbkt_pOOe7BVRLEpgF_TOLtUkG2aZuqIxD65j3eKntBucNLscXUcRpJlSqqIB8otD6vIjzdUPsmm5L4hd3I1ex74865YUoU2LV4tZk05E653YuB3Bh_16EvGdg-25gdszz7tJVNmlS5mOKOjhGOXvUjCcErHuLWje0zR-yTpKa5YCTeqMWGRPFmtOJfAMgPe4LLEF-moBJ7ahm3h7I4VoIlMdANNypVc35ar5ugqm8vubCjOvYuS-eCxl43ZDCnYrqFEgD-lSuMQQKHy9v5pKCMqehnHW4iJKBCAvQxo4b96FYxAae_Xgspx27CQSQsuQuow8o7KWtF-j2dWWB03FUwGsb-ta4qNqdz8KZ3lWrpZ0pSvCC3NahOZLhgFSnLMLRBCztVRE6O5DyRUf2QynKODS_7bsOkuoqQjQg-gt02TJSW3qW38UFfRWjWxVJAbh1sf9d0apJ7OAoKPOvVfRfFyF5wi_YapvVnifo6GKRjv69my3UKjFlkseJTh6YynDIamBlbxMqpri8_Gjy64sFQlp_cPfX4gQqt4ojf9_hdBcGas1dXXA_OE6O33NIPIr1vOv3-ZE-7AUtn-qDPVZwRhqVvsmVFd0tfVAw2cWq68QkcOG9A4hWkCcoV1A2Pt8KB8FGZxhl_ebk_ecnoZNnIJOO45o6HWzTRGOg4t9D18Uf99hybdSwqV3_9Ihi8JKLt8Xy7qGlrlsIJZoVTU9d281V4VQmC8iyuId9gwsZWsMMp2bXRGUY8hAsSxAeEiRSSiplJiGimv0k2xt2Z5lGuRXxwSquxGuN8lWr5v9Kuq8gDMheXs1mqCl9FPn508BNbfbFTmZpFfiwBgMjlqJEbomSdsh4oHXasDCZLUmuaqqaNCKzv4rDmzxap3YuqutfNilIxrsm6xey4ygFd0wyztsDwVWHeWMgiF6E_vnnRwT8VyvxrlutWUYuKHqWik-Cd

Requested by

Host: 1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
URL: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame E3DC 495 KB
90 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
DATA 200
OK truncated
/ Frame D62A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21df6b40b094922bd39cd8c8172788eaf759a6c14311862e27fa2cd23820866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame C0FF 495 KB
90 KB 34ms
34ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACBF 0
23 B 75ms
46ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D62A 0
23 B 70ms
46ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 16 Oct 2021 13:01:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame 34E1 495 KB
90 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: www.klickaud.co
URL: https://www.klickaud.co/download.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame A883 1 KB
1 KB 542ms
15ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=108&ttfrms=21&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&srcurlD=0&aUrlD=-1&ssl=https:&dfs=708&ddur=17&uid=1634389278889302&jsCallback=dvCallback_1634389278889167&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&sdf=2&dvp_epl=309&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.klickaud.co/download.php&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hq3PEttyvlBnDE4g52t1-y&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=811267966004.518&dvp_tukv=79664972806.12616&dvp_uuid=17310501.73590311&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=1036930567365
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 28750f67c540fa0ad80e284c087ca2a2cee48722c6c70f59ec9329de321944da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:19 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E3DC 2 KB
1 KB 526ms
16ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=113&ttfrms=5&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&srcurlD=0&aUrlD=-1&ssl=https:&dfs=716&ddur=12&uid=1634389278908178&jsCallback=dvCallback_1634389278908896&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&sdf=2&dvp_epl=309&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.klickaud.co/download.php&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hDWymHEbCkDP6tkgtWPzGi&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=33805904&DVP_DBM_4=342963656&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=933619771666&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=115337729104.04431&dvp_tukv=999399480.4450827&dvp_uuid=44092965776.637436&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=1407987647725
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 0af0dfff7c32659bf5d719d06a785f8624710f826bbdf96f6579adb53a7332a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:19 PM

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 38BB 35 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 09:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 09:17:37 GMT

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C4F 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 09:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 15 Oct 2022 09:17:37 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 34E1 1 KB
1 KB 500ms
15ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=83&ttfrms=5&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&srcurlD=0&aUrlD=-1&ssl=https:&dfs=716&ddur=12&uid=1634389278933240&jsCallback=dvCallback_1634389278933571&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&sdf=2&dvp_epl=309&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=115337729104.04431&dvp_tukv=1495703628126.245&dvp_uuid=51858482.66005924&dvp_tuid=835370366742
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 8bfb7f918a1110422208b11d1ef91b7a2987f9d6702f7e7470ddf11cc761589f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:19 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C0FF 1 KB
1 KB 487ms
14ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=120&ttfrms=4&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tar9EEADTbpTauTau%604a%60ed2%60e_36cfc4e66ag6a6g6_72%60hh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3C%3D%3A4%3C2F5%5D4%40Tau5%40H%3F%3D%4025%5DA9A&srcurlD=0&aUrlD=-1&ssl=https:&dfs=708&ddur=17&uid=1634389278946189&jsCallback=dvCallback_1634389278946671&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&sdf=2&dvp_epl=309&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=811267966004.518&dvp_tukv=42139415325.43583&dvp_uuid=453639908.2050079&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=1156699240487
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 1a4b7d2e8cd01958cd64dfcf9fc154c6c0e4676e608ca4461e3f1eba252619b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/15/2021 1:01:19 PM

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38BB 0
56 B 44ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhURCHs1qYe-VKIOM3gO_tqSACAAAAAA4AeAEAg&bg=!LyylLGjNAAao6lBpqOo7ACkAdvg8Wncw0hz-xWesli5o2cq2WnLbNksHA4rPaR4qB2NUN_1YM7RkFAIAAACoUgAAAApoAQeZAxDCFj1Ypk5f5_tQyW79Q58jft2rahiB26P7zIGBWlDU0F84bDBb45YJSQp3Evktmh15_TfX963acK5_FOIXp8uQx55jPYZ0F1DihORaapOAJ6hOiVIsn6EpGUZ904zFS45JiouHPvlhzUyNUedEnGFQE-4vrsUKcOV7bhHPiuYqR38bFlVFHz4DtuZtlyjLc6V73DfFHCvKzwLiFvnq4XJp1VWbNjTyilV64a9CvJ21hwujGSlGsSnFMGHwL6B8bBOuK-SlqcgTTNV-FWUXdHvvy95-lPkyOxj7rI5GAm0LxGE3iq4T5RF9y2jHdPbZfOwQZrUcR00pE5QnmGswRx5b4xQonrf9-YHN2ad0-hSoUi8iPrkA-XzhBR1IVvINM748O024QCXoRUnQqdG5giWrsSEoqABNLhZQ6QJLOJMgwxGgNerFgpOBOLtGtI3J4PYvBAOF3OBoonFDYdIzho-xNray9rpMaXPbCWiACg3QSCXe6A9oihHuVdNCnnmipTyDzdBmeCez86I03TUPnx2Ex0ztTWgAOB1ZQFhgwXQCmF43FuoLj3St8tjjJkmP-cAe0UVSk9guFfnB_Va7r1MZb6qo3AjrEHWoGqz6tbuuJmWbiz-is42dPL_He8bJMTFHYauoAPY2A7fwBb-kYmy8htpX6tSkG6GIIzYD_SWE7ujyMWkxWCX3Q62OehpsN5iOgY7V8LSdvNiI0LsrARSJ7D715x8-Sl7GxGuegXM-QRMQnkfa89CD8zzKoxu4dcKyUHAJZ6ukyvyr9t-5H_qUIsEgQvSXP2TVLuWOx-nxY3F4CHCAKwCK0-ep2i0YVdDFfDd05TyzFumBgWf2GZ2u9uBfCVr2_sSu1eof0thDv9KqcsQyEHtbnBvI1DhmqkDPtbJ2hJttHTGZ94fDIm-re9AAASMin9tozqxrJ2OU-zmOS3cd9A632fRrvHnTBfozJV6JbZCpdxpAgqENuEqu2oTi-ktl209nERPn8XavvMrF76Il2Pi3MrQHg7OLvrYKi9TkrZKnHkzFY5nlQbKw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C4F 0
56 B 45ms
44ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx15DHs1qYYudKJaq3gPwv5_ABgAAAAA4AeAEAg&bg=!V1SlVBDNAAao6lBpqOo7ACkAdvg8WgvGMyPLg5wrdrY7ZQJDXMNoO_S1TrI6om85m5M9LAAEtyJjmwIAAACfUgAAAAtoAQcKAEc9k6wiJUPg_usAqPzaW5biE8kdg96BawmnKns8IE6veDAzFNMwYTv6SDAB8KAIC-rjD-bGN9acNAfD57NvULSN-E5v482fvpkDDDDTDRk4fGF-V6INEiQZ7Kcrc39QOiDXJAq_TOqSaqNC1iYrRWK7W3_Nne03EJBicy-xSh5ryZ88hry_yszqs9IaCmB6QDgn-PBrKFNn5HhZA_AgbTDZ3SzuDr1ABFY3NgWLZRBPQV2zdTtaK3u_A1cvxBi-OMcvzdydcyLGfNJESd2lK47-mssM5CZ_yRQwsAHRXAeKlN-jecN-JN8ZcBY3TjCMuLzhdCjj_OsJZTixc-BuJZObbCs5lijfY0xpU0XPW5raKBh3SHIm3IcldDbdH_HSXHHBJkYcmr98zhQNo2MuLrKJN-8Qa3M23AUrCzdgJQOkDhB_i7hvuU9Zyw1cfoyhRbJUXeit-flSk09QB6ZOyAjWIshmqYwGQt55fAbF5U_6Y4Tfkt5S5WYeDL3dk69pml_XSOO-FtLj7Aa3M-GQR3TQDGm0b2sGgVZQtomEF0r1ZID104SkZChStNLGMJxkrVlV0G5l3bhvwUyIvmDCjgRD1GOzRJdiwZEP3mdEl0ny73lrWrZdsVujv054XDrAz1cnAwWPNQwpXdKuQf3D9VWKG9Jx73PGYKbfFQNCi3iprX02hcNdvaDOGxx1x3RUCZqrv8I74MgtaHeG-d_SPDPbnf8jml2ANLctvgtyalIsBUwowu0TwyVMhcNZb_3rWMT_8Jm7oLSG7PjnmPDUcrNJhVI4SnEPAIpfN3wu196OixmSJ3Vo2VRBgRj3JU70zc-S5UcbE0_Rb056pyi4BO8BMVlMfvgDHOtQ35_EyozKFDqqdan28stBFHWxAurMZUYzjZbdAfYLaQ01OJNlyzvgQ95Ov9AL8TT265sksCHXzhp4eM3iRdstZKxjKcfisIMcq25jPC4eLGrhoEfWi_GLZQ8X-HZ4vGAJqqTO391a-7MDchicj63re91otmihP-ftnDTE6IyaUYJ6Za-tRXF1nmHp9t2RVBI44x7by6X0khcK2YvXISP76S77AGxnTo2CO5TmG7kXxlhrwvMergpRCGuwwc1p49yNJ4UCA2LR1jAvb-kG8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D62A 42 B
108 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbsiREIAlMiPilJES7bVWHAesIHtKQEYakFaEp0U1MX-CQdN1wkYGO60O3YHfgk67U5Jtq2yluGZr1LJPOLjFwKv71xMlSwky7t-jog4Xe2Pl0NrtI0g&sai=AMfl-YTMjwYSL1894FsOspkKqxpAlVReRd29loUaneRPjW16KSvalzsDppGJz2JdQDqY68l2Ylxn09wKP3hH4Nkwa_D4uZTZhY80ngQ8GSqv6NHySIkzBJIi39J4Pc6OCCHi&sig=Cg0ArKJSzPskQ4y__F1jEAE&cid=CAASFeRo9xmS6FQ0Hw1N79PTH0-GEtUhaQ&id=lidar2&mcvt=1000&p=0,0,94,728&asp=396,292,490,1020&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1036946713&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634389277982&rpt=861&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACBF 42 B
108 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXBTiBqhSz9GWhX8IbN4d5HKbiRa7k6h1fIdHDBXgXdQF96HrIAKqr__4NBAFCxpixUu4zb66CctIKYMHw4MaGaQR4d93Lj-XChe-0TLwqbyoUTO_VXQ&sai=AMfl-YRc8T6MTdCC6DEY8yYEz7J0R9eU_9UqvG17SIf1CxyXZP615LBmbBh5PnOof53aSZ5RocExsbWnu4NaY3Nt1WjPzbXAq0mIlObbLqjtsSgkZ_TmiUV1nB3yxWwxP9Fh&sig=Cg0ArKJSzAYE_2DnbVd1EAE&cid=CAASFeRoS3fs1o2V0Dg4itCdQd5udRZZww&id=lidar2&mcvt=1002&p=0,0,94,728&asp=220,292,314,1020&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1734021626&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634389277984&rpt=853&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACBF 42 B
174 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumcCdBE3DyzjA1EnCCeZkuLSy6h1bXSlFAPPESGKaRTuRJtaLIrE9TTJOsrg6QMRXJ1f3hIqeu470x56_OCFwcQsQ98s5V&sig=Cg0ArKJSzNq17o_btUxeEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3346616624&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634389277984&rpt=856&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D62A 42 B
108 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGCNd3ouED-gbJSImQJjCSssYiZEnlgi3jyCVKkEGeMUPLGMOFQUByVOR9Mpt3pkt6z4upH4U4tttxwSaZAORe6OHDrFfA&sig=Cg0ArKJSzBKmi8DjMk7eEAE&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3013400691&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634389277982&rpt=863&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Oct 2021 13:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ Frame D62A 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=663cd7fd2f2140368063903e3f434b0b&pltfrm=Linux%20x86_64&cbust=1634389280569977
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/15/2021 1:01:20 PM

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame ACBF 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=a01160f29c9b4c639862dafbebbc523c&pltfrm=Linux%20x86_64&cbust=1634389280570947
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 10/15/2021 1:01:20 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame C0FF 67 B
465 B 110ms
8ms Ping
image/png 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=a073995c2ec04bb1820640aed07d4251&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=9&vdur=489&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=17&tetms=8&msltms=50&vltms=489&sei=290&vetms=42&engms=1&engisel=1&ttfurm=2535&cbust=1634389281477755
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/15/2021 1:01:21 PM

POST
H/1.1 200
OK event.png
tps20225.doubleverify.com/ Frame A883 67 B
465 B 111ms
11ms Ping
image/png 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20225.doubleverify.com/event.png?impid=4dd6c1dde0be4bae94a3b9d1f09291a9&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=54&vdur=543&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=17&tetms=6&msltms=24&vltms=543&sei=289&vetms=46&engms=1&engisel=1&ttfurm=2609&cbust=1634389281479807
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/15/2021 1:01:21 PM

POST
H/1.1 200
OK event.png
tps20241.doubleverify.com/ Frame 34E1 67 B
465 B 107ms
9ms Ping
image/png 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20241.doubleverify.com/event.png?impid=79f39d4aa0f8485dba05b46172e2d393&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=21&vdur=502&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=12&tetms=6&msltms=26&vltms=502&sei=290&vetms=45&engms=1&engisel=1&ttfurm=2552&cbust=1634389281481119
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/15/2021 1:01:21 PM

POST
H/1.1 200
OK event.png
tps20223.doubleverify.com/ Frame E3DC 67 B
465 B 106ms
9ms Ping
image/png 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20223.doubleverify.com/event.png?impid=a20eff22652941d3a2b30700d142cf5a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=20&vdur=527&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=12&tetms=7&msltms=26&vltms=527&sei=289&vetms=47&engms=1&engisel=1&ttfurm=2578&cbust=1634389281482628
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 16 Oct 2021 13:01:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 10/15/2021 1:01:21 PM

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.klickaud.co/	1970-01-20 15:31:01	Name: _ga Value: GA1.2.8832840.1634389277
.klickaud.co/	1970-01-19 22:01:15	Name: _gid Value: GA1.2.1385094485.1634389277
.klickaud.co/	1970-01-19 21:59:49	Name: _gat Value: 1
.klickaud.co/	1970-01-19 21:59:49	Name: _gat_gtag_UA_158609757_1 Value: 1
www.klickaud.co/	1970-01-20 07:30:03	Name: __atuvc Value: 1%7C41
www.klickaud.co/	1970-01-19 21:59:51	Name: __atuvs Value: 616acd1d9dbe32d7000
.addthis.com/	1970-01-20 07:30:03	Name: uvc Value: 1%7C41
.addthis.com/	1970-01-20 07:30:03	Name: loc Value: MDAwMDBFVURFTlcyMzE1MTg2OTAwMjAwMDBDSA==
.klickaud.co/	1970-01-20 07:21:25	Name: __gads Value: ID=fc1308297ee8dfdf-22a7704df7ca0096:T=1634389277:S=ALNI_MaNGU07dRnHhHyB5enDJ79BlPvYdA
.doubleclick.net/	1970-01-20 07:21:25	Name: IDE Value: AHWqTUlLiHsU8ntV8td8W1WA3mBsnbRlNGnyvWrwUQ-t2O0c7Db90fqcgCMaTeGOWwc
.casalemedia.com/	1970-01-20 00:09:25	Name: CMPS Value: 5208
.adnxs.com/	1970-01-20 00:09:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTygM+'L!]tbPl1M>e)ZlrFUfJ+tGXxoHbRNoGa!wjM%iU.>2K_)^FUy(]5+ER]4V'4bpRzqF1`b_'')q]0U
.casalemedia.com/	1970-01-20 06:45:25	Name: CMID Value: YWrNHtwavieIEXgWCH6wowAA
.casalemedia.com/	1970-01-20 00:09:25	Name: CMPRO Value: 1163
.casalemedia.com/	1970-01-19 22:01:15	Name: CMST Value: YWrNHmFqzR4A
.casalemedia.com/	1970-01-20 06:45:25	Name: CMRUM3 Value: 2d616acd1e2760CAESECDEm3onVGBOGrezL8O1orQ
.adnxs.com/	1970-01-20 00:09:25	Name: uuid2 Value: 4937366755894168620

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c2165a160be474c6ee28e2e8e0fa199.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-public.addthis.com
cdn.doubleverify.com
cdn3.doubleverify.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.addthis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
rtb0.doubleverify.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tps20223.doubleverify.com
tps20225.doubleverify.com
tps20240.doubleverify.com
tps20241.doubleverify.com
tps20512.doubleverify.com
tps20518.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.klickaud.co
z.moatads.com
s7.addthis.com
104.84.56.126
142.250.184.194
142.250.185.70
142.250.185.98
2.18.234.21
2.18.235.40
213.254.244.21
216.58.212.130
2606:4700:3030::6815:279d
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a02:26f0:6c00:2b2::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.172.37
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0af0dfff7c32659bf5d719d06a785f8624710f826bbdf96f6579adb53a7332a4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ed3274be57d03a3c259bd246f8ffcdb13de76f230302fef29baf433a578f5
1446117421d0dc83416d691e8fcac45a3559260c94648ef030968e051ffa13e6
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
1a4b7d2e8cd01958cd64dfcf9fc154c6c0e4676e608ca4461e3f1eba252619b5
20641f81194e1372d59fe660b0c7ca7c98b42df171fc741f0c84f7dd35eda3c2
23caea367097876f7f254c5953f3d31fd0ab4daf4c8392dd3cb69d09e8534d04
2825ffde10f74147d2a6336b5f35814844170240ece60ed9db6a547af4694c63
28750f67c540fa0ad80e284c087ca2a2cee48722c6c70f59ec9329de321944da
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
30e5c373efe945deedc8bd69874fd89c4e165f7ddd8eeb04935421dec2743d0f
322054fe1a260eedec6ce01e6389c9d8c5c64d0af641574030bca03a78a3b037
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5a2e453fec80991c9eeab7fabd708f1f3f0edc7912f2c9b2c6a600d72a07b8d3
5a7e51d86c44617f1846ad7546e58e0a4de07719b0f700b4f36e6f15bc52a60f
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
672989952775c111aa31ea7fd4585aed4290ba850d6426cc0079779002efc88d
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d892c67c0db10013885dffa8d74bcd224223199867818e9a685b6285f0550a2
75a8b8f7669289b5539dab2ec4220396228ba2306f3f59c5f683242d7e54f9c4
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87ffc8e4f1ee66861446d1039472d783f3fc0b85f28e9ee893359a04836c7bb7
8bfb7f918a1110422208b11d1ef91b7a2987f9d6702f7e7470ddf11cc761589f
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
9616ba1911e386441349e730a3d81a38b7650715145c5e643c55c96796a79bb9
98c8530636cbd7480e7bf90ae1a26c33656a2147df414e52cb7d6ecd75ea3b12
9cc2df4ba9c9ee983acc87d860415eb14541c442ed1b961f14aa9b04befc00b1
9cfc5ad34e89b6eebddcd5ec715c224a86c99ea5b9fad999407dee7e32f681b6
9f44e2c3c0c139e79601622db1bd3081fddeb022bd436f78f1a3d9e41d67ca85
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1c63b2390a778301c86e062d0ce44ae3f0fd1b5dac69dfebabad8dc0ce3794c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac9214ceb91aaa1b5f2d5e7bc446cb0d0dd291137ece1003d491650591b934e6
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20c447b3d7f66aa1c71305e4a91983b14e3174c651ec6460e73a79e58a3bb3c
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
cbe98095c92ccebbb035eb2107a27e62b9c56b713d1dc7f845753be00390e058
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d248ff908ad5e4fa3eef244e0af263254ea69b7b8367ed0acf3939949941b0c6
e21df6b40b094922bd39cd8c8172788eaf759a6c14311862e27fa2cd23820866
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cec6db5e8a6fa3a10f1a3376ccc84dbaa2a8ca7fb1edb67fa7c74abd4437fd
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc9f5d7b5d8c788cd53b918e8a543bdb9fbf2eac1cef6d9c26e380ea79d1738
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f6e74af4e72a34ff59d7ad0d1ddd0284997bc88c0cab70cb4dd782a0680a6e2c
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9b0d10db598c80afa2f4909daaf3d7ef0a7b99e5a2b40304996f28e3329abab
fb8594a99805871c0a06c8d6e6ddcd4bf572c130efa974a5eb00c53a49f3e219
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.klickaud.co Open in urlscan Pro 2606:4700:3030::6815:279d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

68 %IPv6

19 Domains

39 Subdomains

29 IPs

3 Countries

1869 kBTransfer

5796 kBSize

17 Cookies

9 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.klickaud.co Open in urlscan Pro
2606:4700:3030::6815:279d Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

68 %
IPv6

19
Domains

39
Subdomains

29
IPs

3
Countries

1869 kB
Transfer

5796 kB
Size

17
Cookies

138 HTTP transactions
4 data transactions