assayyarat.com Open in urlscan Pro
2606:4700:3030::ac43:c4ef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://assayyarat.com/top_videos/fd.html
Submission: On December 08 via manual (December 8th 2021, 6:41:41 pm UTC) from DE — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3030::ac43:c4ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is assayyarat.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.

This is the only time assayyarat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:c4ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:d64b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:a41a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
54	20

1 2606:4700:3030::ac43:c4ef (United States)

ASN13335 (CLOUDFLARENET, US)

assayyarat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:d64b (United States)

ASN13335 (CLOUDFLARENET, US)

www.shuuf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a41a (United States)

ASN13335 (CLOUDFLARENET, US)

videoserver.adintop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	97 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	187 KB
8	2mdn.net s0.2mdn.net	247 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	shuuf.com www.shuuf.com	89 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
3	google.com adservice.google.com www.google.com	2 KB
2	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com	2 KB
1	bluekai.com stags.bluekai.com	329 B
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	792 B
1	adintop.com videoserver.adintop.com	159 KB
1	googleapis.com ajax.googleapis.com	84 KB
1	assayyarat.com assayyarat.com	2 KB
54	14

	Domain	Requested by
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	s0.2mdn.net	assayyarat.com s0.2mdn.net a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.shuuf.com	assayyarat.com
5	securepubads.g.doubleclick.net	assayyarat.com securepubads.g.doubleclick.net www.googletagservices.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
2	tag.yieldoptimizer.com	1 redirects a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	assayyarat.com
2	googleads.g.doubleclick.net	a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com assayyarat.com
2	www.google.com	tpc.googlesyndication.com a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
2	a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stags.bluekai.com	a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
1	www.googletagservices.com	a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	videoserver.adintop.com	assayyarat.com
1	ajax.googleapis.com	assayyarat.com
1	assayyarat.com
54	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh

This page contains 8 frames:

Primary Page: https://assayyarat.com/top_videos/fd.html
Frame ID: 51ECADADFA54AE016628A49C003E6FE0
Requests: 17 HTTP requests in this frame

Frame: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1658CB9377FCA2C10A94F8AC125FA0B9
Requests: 1 HTTP requests in this frame

Frame: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 280209560B566D7212A40A3592C0B499
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD963DA35DF570587E89C0A1D26FFB30
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05BC31E09F22D5FE11F1F53ECDC452E3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISXrQIQjaOvAhjpibO7ATAB&v=APEucNVUVvb9CpNBt5oZfPBxDUdlVdD8A9Vczmup27if50uNNgcehotI4JNLX70uPMK3OvOLVe-X0du7Bpi82IDiKz5SUlT2e2bPRodmZ6gqHGB0w5XInX_U-Qr5pYaylY52G6MtwM0GrOq6HAeINn-cy5pPHNo7Z6Cs5JMo8o7x3nJlDlr5210
Frame ID: C7DAF436F5372E390DD8B43ECC1C0B3A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39DA94D4562403461F1794865835B7FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
Frame ID: E8A78E351D4F6F0E353B27D6FCC0F399
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

السيارات | الأكثر مشاهدة

Page Statistics

54
Requests

91 %
HTTPS

63 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

908 kB
Transfer

1743 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1&C=1

Request Chain 29

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbD8YX6LaXKkUVtO165mywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKyPHDIK85IK59FyRIQVkvc&google_cver=1

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHiV8Cd2iSbW1I_n3GP_K6k&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHiV8Cd2iSbW1I_n3GP_K6k%26google_cver%3D1

Request Chain 31

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2MzE1NTk3NzgwODI4NDI0OA%3D%3D

Request Chain 44

https://tag.yieldoptimizer.com/ps/analytics?pxid=109291& HTTP 302
https://tag.yieldoptimizer.com/ps/analytics?tc=603634929&pxid=109291&

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fd.html Show response
assayyarat.com/top_videos/ 4 KB
2 KB 197ms
140ms Document
text/html 2606:4700:3030::ac43:c4ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745448b60142bbbfea77b182ec89cc50f1b9577e61ff4e62b8126faaa6eefe9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-type: text/html
last-modified: Wed, 08 Dec 2021 10:49:57 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6RiBKAAwiKqWFTNSRpVvjx%2FefdB9SJuBKE13734bIKlSvZQ7OBg0P%2FISg1z6g56V2JZRpCHptjOzO47GDAcTIdVSVCYqc8wiXaV%2FW4d54mdQ6HozPnkFEq8dIMav2GRsNa65T0sp5cR6X4R2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ba820f9feaa3756-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
84 KB 47ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:03:07 GMT
x-content-type-options: nosniff
age: 16709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85578
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Dec 2022 14:03:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 59ms
22ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 848 of 1000 / last-modified: 1638965328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H2 200 toot_4492087361.jpg
www.shuuf.com/uploads/jpg/ 31 KB
32 KB 106ms
54ms Image
image/jpeg 2606:4700:3030::ac43:d64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shuuf.com/uploads/jpg/toot_4492087361.jpg
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221d165d3313c107706463471ea2998a804a94f157260d1c04aed0e4c3c2d593

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57771
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31937
last-modified: Fri, 01 Jan 2016 23:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSSXAY%2FMijkCgkY5bwGk%2BPH2iUj9tP99EL73tOaLEZb%2BQ8hNiOuylwlVtGBRCP74AJaruA2uLzu7NHFWrVEafCK%2Bm%2FWC6mP3SAviwnfFe2M0rUSn9atXRIXn7JTZcNDzB4uG6srrdGNyBSoM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ba820fbb9a33750-MXP
expires: Thu, 08 Dec 2022 02:38:45 GMT

GET
H2 200 toot_54c7af5265.jpg
www.shuuf.com/uploads/jpg/ 9 KB
9 KB 83ms
39ms Image
image/jpeg 2606:4700:3030::ac43:d64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shuuf.com/uploads/jpg/toot_54c7af5265.jpg
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb3e033b29d5f691f516f914df9634523095d89f2fe84312f746fcb293fe603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8900
last-modified: Tue, 27 Oct 2015 04:22:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BTGsmEC%2FNiereBbbHEHDErn9OvRQGArMiUb%2F8OR4FEnMTAEDYDUZvMb6fBVDGLjNrZYDTZMfJEArpz1X5Y%2F49znse89JuecaVqcajNAmGBIQnxxHkvB061SQlRxj%2BztczdpBZZ8Id6RqcFS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ba820fbb9b33750-MXP
expires: Sun, 04 Dec 2022 07:42:16 GMT

GET
H2 200 toot_7e12606df2.jpg
www.shuuf.com/uploads/jpg/ 22 KB
23 KB 85ms
42ms Image
image/jpeg 2606:4700:3030::ac43:d64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shuuf.com/uploads/jpg/toot_7e12606df2.jpg
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f97e044954689d413ae5c1848534a1844296f7d204563e919593692aa5ff79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22722
last-modified: Wed, 30 Sep 2015 01:23:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aWS6R%2B8Zhh0cFOEtoqynTGQH96Wp8R2q8EoZHGEct89oZn%2FXL2qmxHWOh9ar50RRyK5pH3ZTFIqOTPpUTler7tz7GCeQkQVdLoosYZaETJK9PeOT6%2BI7iRfq6H0mQ4AhuHnqdKWkckQrjQl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ba820fbb9b53750-MXP
expires: Sun, 04 Dec 2022 07:42:16 GMT

GET
H2 200 toot_e7dd777d3e.jpg
www.shuuf.com/uploads/jpg/ 16 KB
16 KB 91ms
49ms Image
image/jpeg 2606:4700:3030::ac43:d64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shuuf.com/uploads/jpg/toot_e7dd777d3e.jpg
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8d9a51f3172f3c88533a703549b02d9727c933a35b065de44e037b4f33a7e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16136
last-modified: Fri, 04 Dec 2015 15:55:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cevJ1NAvJ7E4k%2B%2F4fthXuC4q6SIaiBFGGX702pH7LHV73Wq3094TsGUW9aVvcUxpAxR5D4QbhIzPhAmlVwh7jeM7%2B6Cmb6z%2Fi0bJ8oNkOaFJxpxyJa9tYToio8kiD3aM9UwUtHlTZ2dE4YPl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ba820fbb9b73750-MXP
expires: Thu, 08 Dec 2022 02:05:06 GMT

GET
H2 200 toot_eec2978c24.jpg
www.shuuf.com/uploads/jpg/ 9 KB
9 KB 98ms
56ms Image
image/jpeg 2606:4700:3030::ac43:d64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shuuf.com/uploads/jpg/toot_eec2978c24.jpg
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519e7aae5c15c11d44a9dc655553e9c75ccf979292de90524a37d3b37f82b249

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1565413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9151
last-modified: Thu, 21 May 2015 07:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Lw8bx3BNWYRk3BH3FTwmjbWrPteSVMxUCN6wafc25A3kOSy1gupIUKjY1sGw5iZ3xMqGi7fBYhEfuI6UrAMxQGf7j1HcHjLa%2FOCe078sf%2BQKA3WS7ictvM3aHCVOMCtefTYglVxycGTBhHA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ba820fbb9b83750-MXP
expires: Sun, 20 Nov 2022 15:51:23 GMT

GET
H2 206 blank.mp4
videoserver.adintop.com/videos/ 158 KB
159 KB 74ms
41ms Media
video/mp4 2606:4700:3032::ac43:a41a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videoserver.adintop.com/videos/blank.mp4
Requested by: Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a41a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3bbe371c1ea409275200e04a39b34b79fcea254ad73f88713cbb2d69fa8d624c

Request headers

Referer: https://assayyarat.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
Content-Range: bytes 0-161701/161702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 161702
last-modified: Wed, 09 May 2018 21:11:09 GMT
server: cloudflare
etag: W/"277a6-16346be55c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5eBNqRd%2F3Vk8eo0R318JyANQomj4GmfMJO4A3nV5TYZAiJEVt53JyMlarzO%2FXFR8XqAiHcep54O9sLCUPBswNfbSNKMniuzVIaGQ0xfxmvS1g%2Fv9nkOOHR47t%2FuDEmzdN1CHaN8KtT6B495ykDO7vo8xW2UhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: public, max-age=14400
cf-ray: 6ba820fbaefa6955-FRA

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 22ms
21ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 143 B
130 B 33ms
17ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=assayyarat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4b1993e132c4d799eebd3b5fcd1df4cca30063b877ff74a148dcef1c7c284f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105
x-xss-protection: 0
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
20ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=assayyarat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=assayyarat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 185ms
185ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2964245025418313&correlator=2840440285748490&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211208&iu_parts=21795300705%3A22625489073%2Chalfpage_pgd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1638960597&dt=1638988896640&dlt=1638988896447&idt=170&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=0&adks=1000739756&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fassayyarat.com%2Ftop_videos%2Ffd.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=1145846695.1638988897&ga_sid=1638988897&ga_hid=960173493&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8bd743ac190d67992f9c0834e0ea53289592dc726c7aa023a6b3c323c6630752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10130
x-xss-protection: 0
google-lineitem-id: 5830203289
pragma: no-cache
server: cafe
google-creative-id: 562548449025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://assayyarat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1658 6 KB
4 KB 66ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 08 Dec 2021 18:41:36 GMT
expires: Thu, 08 Dec 2022 18:41:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3be9d7a3075f5282724eaaf9df1e0370583bd3183ce5a86a2f780bec94251365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 57ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H3 200 container.html Show response
a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2802 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 08 Dec 2021 18:41:36 GMT
expires: Thu, 08 Dec 2022 18:41:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD96 13 KB
5 KB 26ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 08 Dec 2021 18:09:07 GMT
expires: Thu, 08 Dec 2022 18:09:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05BC 783 B
1 KB 40ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

204434ae88becc5e07c0cad43a8cf9facbb42dd44f08b8755b5e7a66cc492d35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qQCl9Kryq8okj8hHMHMjcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 08 Dec 2021 18:41:36 GMT
date: Wed, 08 Dec 2021 18:41:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qQCl9Kryq8okj8hHMHMjcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C7DA 624 B
977 B 43ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CISXrQIQjaOvAhjpibO7ATAB&v=APEucNVUVvb9CpNBt5oZfPBxDUdlVdD8A9Vczmup27if50uNNgcehotI4JNLX70uPMK3OvOLVe-X0du7Bpi82IDiKz5SUlT2e2bPRodmZ6gqHGB0w5XInX_U-Qr5pYaylY52G6MtwM0GrOq6HAeINn-cy5pPHNo7Z6Cs5JMo8o7x3nJlDlr5210

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 08 Dec 2021 18:41:36 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2802 76 KB
31 KB 97ms
75ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjwQvKv1Zuh0XTXsN_TKsQgG65QUkgbsDER8I9divHdQaoUNM9r1tQhoFzCjSwPTLy-zUHBkgG12byYIEc5CwTVYi-dq_ZPCjUNR2swYUTRGkPAt5oegN1V7-NLsPNmT35TkB2Kh0jPwpVDXH9kq8aUHTlbg&dbm_d=AKAmf-DoFm9q8ouU6LZDJuIyXAc0B7Yt5FKqBYRqLTqblfp6uRtPmm6QWfoD8Dj_mNK3bRNPRwBIwTrOirn3m2txWZA0wJKwtXGL8684kScVUM8yo58XUtXMLZE8K2pjjKlkTgY7mdipYJvQcKW7fE4XP3Agsp-IG3KlgHC6FMYMIgPTZdCKRXcJox6jWJvl1wszSaTIovSzmrVcypr-WvGVjnI2R2fLpU48PtFDCP92yN2BihCBNXBUFwY6JUBDMiRAKLvDD_-frEAnHF_1-4fxwYTQBiqAP9R75JIw73XLVcw68uk0_WVkYcpP1kq-FXsBRxHW6N3TMGhJbLP8N2j0U_nae13hCQVpOnnQk9PAw9Y3sZHTDz8s3QdYEVjY5QLSR35hEGRR4mDKTwUzmWqIYNVLvT79og7At3hfx_Z9FFnMwyA2i_dPaoGTPIeiestrCSfvMRiqlk-HhrK1kiQgORqCgaZsXJ6BJedsrZETFjYGhyNMluwuY1GR8wu8BoFOxWGKC4nzabeb9T0e48O0jD_-K1Q09Cf78j4J4Uuw06qjLZIec3ZndqsF7S-Ax6r6hMSAEPIJOjiCMSEXUH9X-Pc1XIzhFKkHfiK91qJLecTjHCrAM0ZtLaJ0Jce2pnH9JOd8iih2Rw6cd8RpWIok1eKSrL2dTv3r_GNY5xo1Jh0KWqng5PbU6wghLxdbdaeOL22CmCrZCtWSvhYEh9Ip60pedNQtF8tfloohYe-9CYSnZnDzCaae-kOlRDBYIDtS7YTWqg_lDUyNhbo2TpQzlmK9fqIUnSEYcoWQ_2HdCl8wtYD13YC6QxBQM4ZAYKR8JBouTJa4EYJbAiBJTCDFYXSsWHIId4wCAiZqulBoIsOIRQVpCyfOTw6LKM1tnIVX4ycYcJ3g6kL2ujS0K7_bGuI2uCEd5zZhJaQLs2Z9bueMfstg_yHUYau3cURL92PGg-JVa-buQ0bAIieI6txAgWJ8RutpeH_UpKOQbH4P8MJ-1K36LGClO1upJhHwzmAzZxL9uh-txJnMOOGqNgjk8bdJSSY27vrjaNpCRDwqm_r934HaRIrTbgWnnwPFPSjWc1-Pz4UIj_fcBJGBcGD91hYYQB98JmYUicI-nh-r1ci7FxOcoOTTWtDpXfAr2J__d8K943ihoGanzIubYDn1feHCQo6zzGXhi2vfXFVSz9i7lvLWzQaT2x1O-5PonYRvsU0ZGga5GDXCeGe2jz_JOJwJfxiSjVtE_fqADGLba2_P5yedaFneNaW1N68IxdiRVkFRWKj4yK90tfx4fSiTZR1Ho8D5ETphIV_dM0bpajftlCzSOd9tggQXXIRuogAMOojstfDQhu6aTEfU9K4UnXaj76Zr9ApJ2VnBod4XyoPkp-ZT-SYUldaIxJy5v661776H5Io9MgrPf_00P1adX77Lz3rzfop6Pjxu0mWivyvxe9I13NTTnfAYH7EbQ4N5iOD5Tszs_hfw12FW3KY9s8B_-vWrmE0E8xviIbknIbld388roUJtmIYymfwQ_WsT0PXDcsvgtgPwc0G5j4sGW9ECT_taoiXbeCUz6Ui1PtSfmVaFHliXV68F9TqbJr7ZMnS0NIr8-PWC13GYuqUzs54wtTjPIC3GkUtJTPA-DcVKysWITwvl7yZET4LWMSZjREvqqZBuC0_oOVY0MJNfeeUNrlnKfqs8F8t25vjC709f2NpjD9YTUu4TiRV2tQVOuXpNp3wsT_qxtBe1-o3J9h9XAua8VbyA3d5XB7cbZ7WmCgdPjQhz-GktWX0XipB7M_qrmXsRnM-eHVFC7wKvSZJKqJ0qSQHWfrRXzstAJ4Cm6xoYJiMw11tRvSBQ6iQ5uudnTQdILFQWIblAo64oYv7nI_fZBlTdQXZRwSvr-NphMIQ1KA7CmmDWWJWxiggOerEt6yPXJytP3nnnBReqmfYOfcDexhPi5N4vJklchnXkGkvQiBGrpzBZ-YAK8xdZjG2cveKU8g-51O2uHp2-cXZOTBIi6mQTJz8F1Xw8Kzva7Xp1UXjudKQmaDYRth41ABtklPqosB9MJidnwsp-ECQBTAGs0qoKXYnH6TtITAk9IBdOj1KL0xppKOmqSziw4KoGQN-y8vPs2Ev0m9leT65VS9JnEOXp-pzNfn8YsjSvAoDbn2iDVOVPthayphDgpM6mOU0RZTSR4BOl3oGqYuuTevTsQhl3KoMxve6sgifaARoF41wr7hugGNIyNcfw2fEgMIZjdMsZv3aIfhoBFXTZwAiv76mzW9FO7AkibNulP_KM4nUGYcDFREqv6a5k99S335mR1nj4jEm_Z0yl8WX4heZYUZ6_PPPkz9gRlLQh4lgyjwnJzRKo42O1sU27iITwfPcGhgrLZkk2mSb8cjRHZps_K_wRSouv-AZpUWTEwGKhRsG7KPySFvdyxYy-84xSPR3SRKd7Ly-tH7utpe3L1TKgsLWP--0EB7wEfXUUpjlkJugoOXjIS3lfrgYWKt6Qq008mww6ls_mWgFcuuF2R8CEYPARQOh6RDDBjTff1QPO5G3JKfc8MhhdbWxtoG5GWcW2okUeVNOKl24XkaxPbF9sPoSmBregbP2on_JPLFK9Pyxu_n16XPG_QEoq7umks1qD0PMGomePRTuDxAkPLIExtWa7NA40SeJe2Mn3Ac-PO4Wj2BhAABXRgT9mPXJlHv41FezRFYpAv2B3TF8c4_QcxrhHVE4xbrIG2nD88_vIOUd4BRDYmRUGvMAJHsmmDIbn5FeJrR6TTYvm2zQJeCZXdumMerwGywRPhKErdwflRFdYkHsBikytp4PAGkRaJrnWApFDAGJqu8lWjDy9lWJ5H2w93Oo9fmX2Psjekz5LW8byFZLXHYONn0FsO_p6xTE9jkSI0yqYlJMZGdQEZgV_IzXHWoP7HA42Ipn8X4I54xcHh5Tfu34VfwHWRf3IoWDFfHDtkdMYdMjlJoU-1R5kJYP3YAOjOtZOmAgos5GhVX4grTxfAURKZHOZ6qVjUe0xlgNFImApbIyuX-huwcFjj2t1i4j4sfRHcrgptyOl2l89VqcEKRWzv8_QeuZnTobZecUIXNvRZEY8szJMLuIZAj4dIHYTlKE2qXe0dME3WyWWPOhY2kmzuIoeUKfapPKoZdComYHRk4MjZNRvBJ2i-gD2K5a0_BRz86p0B-z-JIHsNCIrhITSO3w7csbtBzTf-bpd1y6feM7jTfThRFZ7sPdqyahMSyuDSd11PqJP5Nx96eeLgT_RDtj4gMJZlUYZ8oTeHT_dbt3iSn1A_5yrBrLAA6EoStab9TYtNsBspJRSN32mBJd-12CLhuGurH70puX-8_D5vhvnumEo7wVTh_9QION17_sZIHbM2kZwIlz4n4HnY3nlKoBxZk6LmzHQrdSZuKOq_GhmMpARZQQ_6acvHIU-L4ElfkVLccJX8Z6YSVviTmVmEzYfODYebQqqKq7ZI3PxHG9nRE7Id-jj3dRzT45AvObIUEYEEOjabPyCm4pK8zmUh7fcvPaj0FQY6QKk0hvdi13rUSW6IKtnJI6OnNoC-RQNWtiL8WWXn4inwdaxSIhHezcoKBDsT8bkqTA45YLJKGDmxCZyDwE-_NGy4oM2JeoIZ2cdlIRoxE0B0b2T1NFmXjnNadJnN_jTUtXnY75GwkTRZ8HtHpGBZsK5sID2XMlHfgEYiGTiqJzCNpO5NmMSqZlrrMKH2G74y5Aw6RP_upSA8M5mepOFx3-c3_SWXds8pBOCzjJx-hThFf99jyraLhgqQ3fBPbEnqiDHfrB-AhLw_ZmRPofXAAiNwMUI_pNk3iOcFE7nOlflzmwOIYNZrBfPP7CVl0Vv9vx3FX2GaM8lTSvzNPpnENIz220DK3cflGoo9hODFiL8UWuf84X-7yCxIyrjYwAqvOrSSJMxk-AKJXq-vPwc-RHzqtRbZnmTMp_R2Sh6q4tuJqelX0lc4fdat1XkJjcELDpzIYYGYsKe4xgiYmE_BAdu2YkUn1IRC4Qaz6PwijHXmG945Vmcf2qAdDg9uHvZD_g1Fw2sdtVWM9_iN4cPO7RUMbL-CT80S5QPZtuzxJh3nYxqZgCAArAhQ2bbvdML0Ra2s6oIz_l4dfgUA6zA06OmmUQlm2URVIc7CIesb-w26_6es1TSQcGdiuBVvv9OJ18DmsVJlHDPUCpUz7ItA5lPsTmrL3_buy3qvoEksVRCp5lKzg08ljxLJAyS1M_PI3VxV1kSPrxL7yq4_BUhxq6k8ZJbc9P3UpMalaAaI1RRlzYEsKLBIr0XO5hovi1YRKcP7yRh2GIi85S7E8n54-GiLbNugiaqZ65_Y3bCthD_wAtGDE_gR0E173i0oReuoRSLcOJSwgrl-i3PdO4kb68rqaFaoocxOeeqFFl2549F4cl7g4VDPgKeLod8zbzAKMhNcKlK6XjwZCHPEJxy1GpjLdGURI2duCQBY5B80N4PeK9nVxo-z9oLmnrWiJZT3aJQvPHEKPyXd0m9kZ3tPRO8a1KsYl5PO4K2uW3SNsdIZjQvPcersYS5dX9pexInL5-doMvWjcU1mcztWx7jNQvdsYajyB9DmZSSyZvVvXiLv_PCiQldnkGdMLRA1oO8Es9tWoRGgdUnB2Tmo9qB1p3_v_p-mJNUTpFJpT_4OGA&cid=CAASFeRolyj6-yf2FGX1h5-_W41FDbMqaQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsujnkglJFy0ttzatvRtHYzpfq5Kf7b9MWVkO5bbjqIu4oeWdcqP7zbpJYTTGhMqO8mG4IQTB0jcH-pvPyzvNTGpWoiQm40alUCAMIwf67E0NUaSOicht-vKPzxX_eVtY_QoTox4IWx45TjM7Fq64RryjJYABR8H5KOCSE6jXVCX53yZEyw5LiMqWTAchqPOuMFpCubOdsku4aXzqjIt618hRgZkTrJ5kuaNvzohMe_VWxvVHjHOjgIs1NT3mJHoDwXbS5Cjxza4yOAd0CIQkiJA2eBR7JxRVjaic6qMALOhfO28TAPTi744THLKrgtMksg%26sai%3DAMfl-YSdj1BHkvDJvZnh5IfUpX2BQtjme76u-tle4UR29q3og3jEz0Ixz-2YkuULN2MIZsHQfNnD_gMNnpgJhFiW6kefkr5jBC0bTd7xm2Q-EutLrMegGzS5Gey8Q1o3hvD8%26sig%3DCg0ArKJSzCV7fWJCitrPEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fassayyarat.com%252F%240

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c7b7d4095f2fcf257112b981b5b2a9c7930d49dabe9a16db1f35f9c26619d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2802 42 B
63 B 55ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDV8v67KWfTMuo3NHBnPcV_YaHmlpDjJY68y0qcdzGKLO0j1hBSzVyA-HmAkna-zNVN9beLfyLiqFZ90M2yGXp9uYPq6fxa0wmrUhfmQDtz6GT-uU

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 2802 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 17:50:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2802 119 KB
37 KB 63ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Dec 2021 18:41:36 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 2802 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6455
x-xss-protection: 0
server: cafe
etag: 3508882476506594800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 18:00:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2802 0
0 16ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4KmMv494AKZAr03RfOfuTd4vEEBhIik7cD_DnTtNtweo3pWQA2xDSzPJAw-ZsziDKZDAUCYaWaFZaTMhrV3nLpgM67A
Requested by: Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame AD96 35 KB
13 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 07:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 07:31:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05BC 0
0 55ms
55ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=2964245025418313&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1&C=1

43 B
1014 B

28ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISXrQIQjaOvAhjpibO7ATAB&v=APEucNVUVvb9CpNBt5oZfPBxDUdlVdD8A9Vczmup27if50uNNgcehotI4JNLX70uPMK3OvOLVe-X0du7Bpi82IDiKz5SUlT2e2bPRodmZ6gqHGB0w5XInX_U-Qr5pYaylY52G6MtwM0GrOq6HAeINn-cy5pPHNo7Z6Cs5JMo8o7x3nJlDlr5210
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Dec 2021 18:41:37 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZwomj3zGv3mQWV7H4YL64&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 08 Dec 2021 18:41:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbD8YX6LaXKkUVtO165mywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKyPHDIK85IK59FyRIQVkvc&google_cver=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKyPHDIK85IK59FyRIQVkvc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISXrQIQjaOvAhjpibO7ATAB&v=APEucNVUVvb9CpNBt5oZfPBxDUdlVdD8A9Vczmup27if50uNNgcehotI4JNLX70uPMK3OvOLVe-X0du7Bpi82IDiKz5SUlT2e2bPRodmZ6gqHGB0w5XInX_U-Qr5pYaylY52G6MtwM0GrOq6HAeINn-cy5pPHNo7Z6Cs5JMo8o7x3nJlDlr5210
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Dec 2021 18:41:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKyPHDIK85IK59FyRIQVkvc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C7DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHiV8Cd2iSbW1I_n3GP_K6k&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHiV8Cd2iSbW1I_n3GP_K6k%26google_cver%3D1

43 B
1 KB

25ms
25ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHiV8Cd2iSbW1I_n3GP_K6k%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISXrQIQjaOvAhjpibO7ATAB&v=APEucNVUVvb9CpNBt5oZfPBxDUdlVdD8A9Vczmup27if50uNNgcehotI4JNLX70uPMK3OvOLVe-X0du7Bpi82IDiKz5SUlT2e2bPRodmZ6gqHGB0w5XInX_U-Qr5pYaylY52G6MtwM0GrOq6HAeINn-cy5pPHNo7Z6Cs5JMo8o7x3nJlDlr5210

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 747df233-2fdc-4d52-9737-26b984045ae4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 49ba319b-c1d1-4eb4-ba63-016c52e4b3ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHiV8Cd2iSbW1I_n3GP_K6k%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7DA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2MzE1NTk3NzgwODI4NDI0OA%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2MzE1NTk3NzgwODI4NDI0OA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 18:41:37 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: defaf05a-4891-4a85-b131-ac388b843bdf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM2MzE1NTk3NzgwODI4NDI0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 2802 106 KB
38 KB 73ms
13ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
Origin: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 20:15:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/ Frame 2802 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjwQvKv1Zuh0XTXsN_TKsQgG65QUkgbsDER8I9divHdQaoUNM9r1tQhoFzCjSwPTLy-zUHBkgG12byYIEc5CwTVYi-dq_ZPCjUNR2swYUTRGkPAt5oegN1V7-NLsPNmT35TkB2Kh0jPwpVDXH9kq8aUHTlbg&dbm_d=AKAmf-DoFm9q8ouU6LZDJuIyXAc0B7Yt5FKqBYRqLTqblfp6uRtPmm6QWfoD8Dj_mNK3bRNPRwBIwTrOirn3m2txWZA0wJKwtXGL8684kScVUM8yo58XUtXMLZE8K2pjjKlkTgY7mdipYJvQcKW7fE4XP3Agsp-IG3KlgHC6FMYMIgPTZdCKRXcJox6jWJvl1wszSaTIovSzmrVcypr-WvGVjnI2R2fLpU48PtFDCP92yN2BihCBNXBUFwY6JUBDMiRAKLvDD_-frEAnHF_1-4fxwYTQBiqAP9R75JIw73XLVcw68uk0_WVkYcpP1kq-FXsBRxHW6N3TMGhJbLP8N2j0U_nae13hCQVpOnnQk9PAw9Y3sZHTDz8s3QdYEVjY5QLSR35hEGRR4mDKTwUzmWqIYNVLvT79og7At3hfx_Z9FFnMwyA2i_dPaoGTPIeiestrCSfvMRiqlk-HhrK1kiQgORqCgaZsXJ6BJedsrZETFjYGhyNMluwuY1GR8wu8BoFOxWGKC4nzabeb9T0e48O0jD_-K1Q09Cf78j4J4Uuw06qjLZIec3ZndqsF7S-Ax6r6hMSAEPIJOjiCMSEXUH9X-Pc1XIzhFKkHfiK91qJLecTjHCrAM0ZtLaJ0Jce2pnH9JOd8iih2Rw6cd8RpWIok1eKSrL2dTv3r_GNY5xo1Jh0KWqng5PbU6wghLxdbdaeOL22CmCrZCtWSvhYEh9Ip60pedNQtF8tfloohYe-9CYSnZnDzCaae-kOlRDBYIDtS7YTWqg_lDUyNhbo2TpQzlmK9fqIUnSEYcoWQ_2HdCl8wtYD13YC6QxBQM4ZAYKR8JBouTJa4EYJbAiBJTCDFYXSsWHIId4wCAiZqulBoIsOIRQVpCyfOTw6LKM1tnIVX4ycYcJ3g6kL2ujS0K7_bGuI2uCEd5zZhJaQLs2Z9bueMfstg_yHUYau3cURL92PGg-JVa-buQ0bAIieI6txAgWJ8RutpeH_UpKOQbH4P8MJ-1K36LGClO1upJhHwzmAzZxL9uh-txJnMOOGqNgjk8bdJSSY27vrjaNpCRDwqm_r934HaRIrTbgWnnwPFPSjWc1-Pz4UIj_fcBJGBcGD91hYYQB98JmYUicI-nh-r1ci7FxOcoOTTWtDpXfAr2J__d8K943ihoGanzIubYDn1feHCQo6zzGXhi2vfXFVSz9i7lvLWzQaT2x1O-5PonYRvsU0ZGga5GDXCeGe2jz_JOJwJfxiSjVtE_fqADGLba2_P5yedaFneNaW1N68IxdiRVkFRWKj4yK90tfx4fSiTZR1Ho8D5ETphIV_dM0bpajftlCzSOd9tggQXXIRuogAMOojstfDQhu6aTEfU9K4UnXaj76Zr9ApJ2VnBod4XyoPkp-ZT-SYUldaIxJy5v661776H5Io9MgrPf_00P1adX77Lz3rzfop6Pjxu0mWivyvxe9I13NTTnfAYH7EbQ4N5iOD5Tszs_hfw12FW3KY9s8B_-vWrmE0E8xviIbknIbld388roUJtmIYymfwQ_WsT0PXDcsvgtgPwc0G5j4sGW9ECT_taoiXbeCUz6Ui1PtSfmVaFHliXV68F9TqbJr7ZMnS0NIr8-PWC13GYuqUzs54wtTjPIC3GkUtJTPA-DcVKysWITwvl7yZET4LWMSZjREvqqZBuC0_oOVY0MJNfeeUNrlnKfqs8F8t25vjC709f2NpjD9YTUu4TiRV2tQVOuXpNp3wsT_qxtBe1-o3J9h9XAua8VbyA3d5XB7cbZ7WmCgdPjQhz-GktWX0XipB7M_qrmXsRnM-eHVFC7wKvSZJKqJ0qSQHWfrRXzstAJ4Cm6xoYJiMw11tRvSBQ6iQ5uudnTQdILFQWIblAo64oYv7nI_fZBlTdQXZRwSvr-NphMIQ1KA7CmmDWWJWxiggOerEt6yPXJytP3nnnBReqmfYOfcDexhPi5N4vJklchnXkGkvQiBGrpzBZ-YAK8xdZjG2cveKU8g-51O2uHp2-cXZOTBIi6mQTJz8F1Xw8Kzva7Xp1UXjudKQmaDYRth41ABtklPqosB9MJidnwsp-ECQBTAGs0qoKXYnH6TtITAk9IBdOj1KL0xppKOmqSziw4KoGQN-y8vPs2Ev0m9leT65VS9JnEOXp-pzNfn8YsjSvAoDbn2iDVOVPthayphDgpM6mOU0RZTSR4BOl3oGqYuuTevTsQhl3KoMxve6sgifaARoF41wr7hugGNIyNcfw2fEgMIZjdMsZv3aIfhoBFXTZwAiv76mzW9FO7AkibNulP_KM4nUGYcDFREqv6a5k99S335mR1nj4jEm_Z0yl8WX4heZYUZ6_PPPkz9gRlLQh4lgyjwnJzRKo42O1sU27iITwfPcGhgrLZkk2mSb8cjRHZps_K_wRSouv-AZpUWTEwGKhRsG7KPySFvdyxYy-84xSPR3SRKd7Ly-tH7utpe3L1TKgsLWP--0EB7wEfXUUpjlkJugoOXjIS3lfrgYWKt6Qq008mww6ls_mWgFcuuF2R8CEYPARQOh6RDDBjTff1QPO5G3JKfc8MhhdbWxtoG5GWcW2okUeVNOKl24XkaxPbF9sPoSmBregbP2on_JPLFK9Pyxu_n16XPG_QEoq7umks1qD0PMGomePRTuDxAkPLIExtWa7NA40SeJe2Mn3Ac-PO4Wj2BhAABXRgT9mPXJlHv41FezRFYpAv2B3TF8c4_QcxrhHVE4xbrIG2nD88_vIOUd4BRDYmRUGvMAJHsmmDIbn5FeJrR6TTYvm2zQJeCZXdumMerwGywRPhKErdwflRFdYkHsBikytp4PAGkRaJrnWApFDAGJqu8lWjDy9lWJ5H2w93Oo9fmX2Psjekz5LW8byFZLXHYONn0FsO_p6xTE9jkSI0yqYlJMZGdQEZgV_IzXHWoP7HA42Ipn8X4I54xcHh5Tfu34VfwHWRf3IoWDFfHDtkdMYdMjlJoU-1R5kJYP3YAOjOtZOmAgos5GhVX4grTxfAURKZHOZ6qVjUe0xlgNFImApbIyuX-huwcFjj2t1i4j4sfRHcrgptyOl2l89VqcEKRWzv8_QeuZnTobZecUIXNvRZEY8szJMLuIZAj4dIHYTlKE2qXe0dME3WyWWPOhY2kmzuIoeUKfapPKoZdComYHRk4MjZNRvBJ2i-gD2K5a0_BRz86p0B-z-JIHsNCIrhITSO3w7csbtBzTf-bpd1y6feM7jTfThRFZ7sPdqyahMSyuDSd11PqJP5Nx96eeLgT_RDtj4gMJZlUYZ8oTeHT_dbt3iSn1A_5yrBrLAA6EoStab9TYtNsBspJRSN32mBJd-12CLhuGurH70puX-8_D5vhvnumEo7wVTh_9QION17_sZIHbM2kZwIlz4n4HnY3nlKoBxZk6LmzHQrdSZuKOq_GhmMpARZQQ_6acvHIU-L4ElfkVLccJX8Z6YSVviTmVmEzYfODYebQqqKq7ZI3PxHG9nRE7Id-jj3dRzT45AvObIUEYEEOjabPyCm4pK8zmUh7fcvPaj0FQY6QKk0hvdi13rUSW6IKtnJI6OnNoC-RQNWtiL8WWXn4inwdaxSIhHezcoKBDsT8bkqTA45YLJKGDmxCZyDwE-_NGy4oM2JeoIZ2cdlIRoxE0B0b2T1NFmXjnNadJnN_jTUtXnY75GwkTRZ8HtHpGBZsK5sID2XMlHfgEYiGTiqJzCNpO5NmMSqZlrrMKH2G74y5Aw6RP_upSA8M5mepOFx3-c3_SWXds8pBOCzjJx-hThFf99jyraLhgqQ3fBPbEnqiDHfrB-AhLw_ZmRPofXAAiNwMUI_pNk3iOcFE7nOlflzmwOIYNZrBfPP7CVl0Vv9vx3FX2GaM8lTSvzNPpnENIz220DK3cflGoo9hODFiL8UWuf84X-7yCxIyrjYwAqvOrSSJMxk-AKJXq-vPwc-RHzqtRbZnmTMp_R2Sh6q4tuJqelX0lc4fdat1XkJjcELDpzIYYGYsKe4xgiYmE_BAdu2YkUn1IRC4Qaz6PwijHXmG945Vmcf2qAdDg9uHvZD_g1Fw2sdtVWM9_iN4cPO7RUMbL-CT80S5QPZtuzxJh3nYxqZgCAArAhQ2bbvdML0Ra2s6oIz_l4dfgUA6zA06OmmUQlm2URVIc7CIesb-w26_6es1TSQcGdiuBVvv9OJ18DmsVJlHDPUCpUz7ItA5lPsTmrL3_buy3qvoEksVRCp5lKzg08ljxLJAyS1M_PI3VxV1kSPrxL7yq4_BUhxq6k8ZJbc9P3UpMalaAaI1RRlzYEsKLBIr0XO5hovi1YRKcP7yRh2GIi85S7E8n54-GiLbNugiaqZ65_Y3bCthD_wAtGDE_gR0E173i0oReuoRSLcOJSwgrl-i3PdO4kb68rqaFaoocxOeeqFFl2549F4cl7g4VDPgKeLod8zbzAKMhNcKlK6XjwZCHPEJxy1GpjLdGURI2duCQBY5B80N4PeK9nVxo-z9oLmnrWiJZT3aJQvPHEKPyXd0m9kZ3tPRO8a1KsYl5PO4K2uW3SNsdIZjQvPcersYS5dX9pexInL5-doMvWjcU1mcztWx7jNQvdsYajyB9DmZSSyZvVvXiLv_PCiQldnkGdMLRA1oO8Es9tWoRGgdUnB2Tmo9qB1p3_v_p-mJNUTpFJpT_4OGA&cid=CAASFeRolyj6-yf2FGX1h5-_W41FDbMqaQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsujnkglJFy0ttzatvRtHYzpfq5Kf7b9MWVkO5bbjqIu4oeWdcqP7zbpJYTTGhMqO8mG4IQTB0jcH-pvPyzvNTGpWoiQm40alUCAMIwf67E0NUaSOicht-vKPzxX_eVtY_QoTox4IWx45TjM7Fq64RryjJYABR8H5KOCSE6jXVCX53yZEyw5LiMqWTAchqPOuMFpCubOdsku4aXzqjIt618hRgZkTrJ5kuaNvzohMe_VWxvVHjHOjgIs1NT3mJHoDwXbS5Cjxza4yOAd0CIQkiJA2eBR7JxRVjaic6qMALOhfO28TAPTi744THLKrgtMksg%26sai%3DAMfl-YSdj1BHkvDJvZnh5IfUpX2BQtjme76u-tle4UR29q3og3jEz0Ixz-2YkuULN2MIZsHQfNnD_gMNnpgJhFiW6kefkr5jBC0bTd7xm2Q-EutLrMegGzS5Gey8Q1o3hvD8%26sig%3DCg0ArKJSzCV7fWJCitrPEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fassayyarat.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 18:37:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 2802 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da3cec06fc8ccae40077ed49d5eb86f550a110d914ee611611ba688f0fd610c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9505
x-xss-protection: 0
server: cafe
etag: 2191309775366055064
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Dec 2021 18:41:01 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2802 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 13:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Dec 2022 13:58:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2802 0
0 48ms
48ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzbi_oO2j3KtKmnXLMPfD7Rtw-nTndO6FC7BwfqeRifOzLHHFSRzn1r-Li9WKG1FFi0bYaY6DufwK98sixqrB3nwPcIK3NT--eYzL2S2Ih3DYggU8zkLbzZ0bOzNbsI-afs-mKiwZoDzF1JTDG4mZgb6taoN8DQNhyx7yj1DeakzePazadbU0JP_4IK3cwWVgg2S_N76XUgC0DYZnVpbGTwqszx6n84h5N4aNHN7pNeA6BOzz-cEPQgeRlcSYHxj6Drgc1lcU7JpqzktJpOm6I7czoW0jqU7KUS6GxPedl8BBpnXelwAuurwqukikIwo7l2zr82w&sai=AMfl-YRUfybKxXiNtzEd8HcBK4QHeQsm5HOYH7TTt2oUaY1XsKMS_2DvUDFyzWgCnp_joLNbo6_0W8c8TPRz6yJywy4BGaHw_8okPDXKFZccrLGYgNTKeJKHtaDTNK480Oq9&sig=Cg0ArKJSzEwWVSkPgYTfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Dec 2021 18:41:37 GMT

GET
DATA 200
OK truncated
/ Frame 2802 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6218b079ae529a4d3da5ae915e6b26a6bb24b64bc116215c8c82e29cf7dbeeb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 39DA 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 08 Dec 2021 13:58:12 GMT
expires: Thu, 08 Dec 2022 13:58:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=2964245025418313&bg=!YGOlYyfNAAaQHwIOkB87ACkAdvg8WqGDW1jpZHj5zuIN28RAGscMNDFd6bu9LuYhJ2fPnkrs2Cs_5QIAAABWUgAAAC1oAQcKABaABhx8Gkj34R_Qs_l5MYxq9NZJU-zfmQKoovl1k6TaiENLuxfhbHbDgYRIl1cCwN9bKsTPYykT85M2IPT0rhG7eRuT-pBzX9HY2aQ-MctFTHbHcuClNS4A7oAlIG4Nd9eSmhU534oN7nZMgDCJRcDdqoNpCLYLU9GDcEirKTBnMSPmLxrUqK9dXkDm0ye_MfY1aufKrKdEcgYtyeTK9qKcCiK4tJUgrfgOqn3M9BTQFXTG_m3M_-k2gEw99j49opvtdRjjl5oGOAZTsFynogYom05mDqrk5SMSLfskDaivWXr5iIRJdd7persG1b3u29_SPoEWxbfPQ2NwAJ4mfVNhZFSoSsDoNXgDpVFxwjSCa3OrxF8NvTzGmrtT3pTPXXYqy0lMNjEz1p0yLO_y5faXfBfoPcyJ0BVOe2Iz6A-sX4FQcsmSXwQPU6Vex11zEZgPCWY4K2xK_hH8Q0_mRhqkpKNUKclAPMM3GrMV59ECeBaICqOnY8MldgHHgIr17xMVioQp206TuLmGoEdbz8hdsLTlgay_fng-80356AbIXpuYOHTRH_R2FRoQKr8qoPpkHFMWbeMhDzgcAJh29HPmQ_BuUhuWbqT3T8BPmky25r96QB-N0Bv0hg0TrIpTsrMIZH_MBckN3qt7BipXIQ-OfIVbQ6el5tgh0cVfTfMF9sh6nCDB36I3ZuFHf1LQjHGc8Bd6SgK7HJvgH_VFd71D9Hbty8j6Ims-M0ago6xBD_qen_2npi3OeszJfwr5xiOi2p7ArGGJ3oDJRIVIRFD7Czo7co2aOX2CKapSXn4TNo_38_BSO7HrAhlUIYnZ61ktNWq4jlSi096AhEbcVAsYnxqHJY8bN0qga7O-ftlgUbMRYL-R87rIRvhohkA-4sTvkP-O5gH5PE43iR5It8w-y1QETr9Lq7D8sfffrEMN4BU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assayyarat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 39DA 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 07:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 07:31:39 GMT

GET
H3 200 DCT_TimeIsNow_Baker_300x600_DE.html Show response
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/ Frame E8A7 6 KB
2 KB 22ms
7ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3890de089e90a51419a1914b06bbac5b6759ca1da4d74a8ac4f84365102572b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2289
date: Wed, 08 Dec 2021 14:34:36 GMT
expires: Thu, 08 Dec 2022 14:34:36 GMT
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 14821
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2802 0
562 B 97ms
57ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulKph21IkF4w6MOjcskqqug03rgDeavbQuumZWzupe2h8CrZkqQvqPd4Pibz4kbgHKJnLtoluB43ojffsk_DOMDiOwv1ac2BBAszaWy3qaPPnVoOgomOopTkI5S68QU_EkDmVdOq3gfHdL8Ga6ABSxGoQVDa-lId327g45CY1L_ksd4h00kYf8fUSo2--ZUcA_DncmuJ1pnC-SxFtFelnPO6CwhEdlPW4WXimu2bOnzxB9NvwC3i5o8hhjQXYvRCsl37q46WWwaeTwsqKq90HgJgasSMw8a4JfyshOPdNrJGusnpeYQeMSsEe-wA8GZM5orifZ3biJ0qjMrrcgzsZTGQ-aPubT3gDLkd8P-UpfuSlhVXzrKtWOKSMrrin1bne8PmfyJSRPuPM_rgMw02oZ3phNA7c3oqMDAj1aiAUPh4W4f1sf_5KCDhON7-LwkZpFN78-zYA-_jinTX4GwCK8faV_kPgkDYPhKxnFIDEYp3q4JBgD3xXdK2ByxOxXYqVc6zoqIBVTo1-stKhWOsMO232wafoRKvRH3DbnHIHOvNv-2VBlGk0GvurvDNhtI1SMKQHCJ9Dln-rWmgqP_HwIYpvmsRNZbambEL_FEl_BdARUS7cc-7X9A77eFnbrNim4VslkunhGKHEv9ttIQUORNjsIKZbbpiUNcd9dW4JusoKyfHys3qLJ-gSLua1qDsZMx7j1B_WEnFHh-ezwkS_JJCmYoAjFqpAvpY71MiigrFurgeQgIELFKuEskj6feyOWZAuRwRixTBz8cL3YylExVfbpT9DyFNoOpD_Iy-Et1gZxWPMnVBB0x0FFx-5eakDGtjtIdqKvwFf5LdFnNEWuzul51U9HuiDIRLjfdQfms6K9r8lYX8dMSrF9v1Td88KltT5_ia0RxRZwub5GkoozZHBOUiR2f677MYFhkGmhInxaW55u5kXUbF4SCQe2FvoDRWqfGO85uJGfL1Quu7TGmoxPZtypIAJGMRIgRGsf8eORfL-TUW-nxx5WyxM1l4UXgWnrTR9vnL8uzELw8oBRZsAZoqL8tgvq3r_OmW8VKJWJaBENLrE2-ejXh7g4qKSAU6qslK4nu7RYTITCYZmD_oEDPlxD3dNdR1svHu9NiPGq8hEsbrVjNyNxtr2MXE_VTvdRROKh3G0zWtSGTbSXxSP1KA_yF_-szDa_E5f2zEG8q4rE7zNad6JYMEko4cTf19EYtkr8tBJZdikBDZP9cOmfgJpaMqyfbGYwbkrrlx_Duf3SY_EP2K_BYwLnk0hWHPFV5vQGh_mNoDngQRnjIKKOXJG8UXt_OCkeCJFWp4Hz6nBraxco4O7fG62z2sRXZ2Dxl5dzTyGSTGVNvUL55Fxa3BVjSubfzWMUyZMs1liUz8r_xMkURw4Swz1UPOLtoZaVVBTdthOYyDxI-YWaJiqwWEgIpSulY-ujK8k689XaCaqH_fp7bf6zQUppLAdcp-NICz-5p7BNqMVftnoXkn3m24dASNSdi3-EozNYIHXKp15XFZjCaGc9PsuyQ8rqxZ7Iz3J9MPrZiQ&sai=AMfl-YSBKz1RfJeDr_lJgnpyGfIFccqJLysVYVTNjzRrSy9EhNdlEXPFeufxedm6obA2qFkA4Lk5F57-UeEwnYnB3DCy_l0WQz3vYNi-bxSidSl8WcPggpBpcO3ragj1gY0KNtBKMUy4uxNBoMGo80HJu5gWUSUMvq7Ao7jGGOAZiwiudQ3rTgKxfq4qBB8roG2W9Lfy0dL2t0wsBxrWRyGYtmyLpIRtoXrneMHlNpazwFc_RVnMgjQhiy60jXFLErWMhqqE3OGhGOm3PQq14nZexDbJI0pa4qZWKGnLI9qODN3Jcx5k-up7PGScRov_wrQ&sig=Cg0ArKJSzCndnJX7_nhiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=96&cbvp=1&cstd=94&cisv=r20211206.94973&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 08 Dec 2021 18:41:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 84415
stags.bluekai.com/site/ Frame 2802 62 B
329 B 236ms
162ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/84415?phint=event%3Dimp&phint=aid%3D8242965&phint=pid%3D320754876&phint=cid%3D26538504&phint=crid%3D160391067&phint=sid%3D4234421&phint=adid%3D513407455&phint=uid%3D0!&phint=audiencetype%3D&phint=geo%3Dct=DE&st=&city=5673&dma=0&zp=&bw=4
Requested by: Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 18:41:37 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 7a3a
Content-Type: image/gif

GET
H2

200

analytics
tag.yieldoptimizer.com/ps/ Frame 2802
Redirect Chain

https://tag.yieldoptimizer.com/ps/analytics?pxid=109291&
https://tag.yieldoptimizer.com/ps/analytics?tc=603634929&pxid=109291&

43 B
726 B

15ms
15ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/analytics?tc=603634929&pxid=109291&
Requested by: Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/analytics?tc=603634929&pxid=109291&
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 createjs.min.js Show response
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/libs/1.0.0/ Frame E8A7 236 KB
63 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/libs/1.0.0/createjs.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1cb5045babc1d0e95fa5b969399bb8f929515516c787ccd4bba2f2c596f78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14784
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64183
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 14:35:13 GMT

GET
H3 200 DCT_TimeIsNow_Baker_300x600_DE.js Show response
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/ Frame E8A7 56 KB
15 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.js?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f504493d2a670fcc08f8d05fef8a463919989fcd91cd6d9eb4a89b876c52c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14784
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15258
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 14:35:13 GMT

GET
H3 200 _300x600Baker01.jpg
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/ Frame E8A7 32 KB
32 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/_300x600Baker01.jpg?1634634482207

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961563d1190d35da0434105d73947bf5d17f1dac3a792375c89cd2242a0bb22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:36:51 GMT
x-content-type-options: nosniff
age: 14686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32611
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 14:36:51 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2802 0
60 B 44ms
44ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulKph21IkF4w6MOjcskqqug03rgDeavbQuumZWzupe2h8CrZkqQvqPd4Pibz4kbgHKJnLtoluB43ojffsk_DOMDiOwv1ac2BBAszaWy3qaPPnVoOgomOopTkI5S68QU_EkDmVdOq3gfHdL8Ga6ABSxGoQVDa-lId327g45CY1L_ksd4h00kYf8fUSo2--ZUcA_DncmuJ1pnC-SxFtFelnPO6CwhEdlPW4WXimu2bOnzxB9NvwC3i5o8hhjQXYvRCsl37q46WWwaeTwsqKq90HgJgasSMw8a4JfyshOPdNrJGusnpeYQeMSsEe-wA8GZM5orifZ3biJ0qjMrrcgzsZTGQ-aPubT3gDLkd8P-UpfuSlhVXzrKtWOKSMrrin1bne8PmfyJSRPuPM_rgMw02oZ3phNA7c3oqMDAj1aiAUPh4W4f1sf_5KCDhON7-LwkZpFN78-zYA-_jinTX4GwCK8faV_kPgkDYPhKxnFIDEYp3q4JBgD3xXdK2ByxOxXYqVc6zoqIBVTo1-stKhWOsMO232wafoRKvRH3DbnHIHOvNv-2VBlGk0GvurvDNhtI1SMKQHCJ9Dln-rWmgqP_HwIYpvmsRNZbambEL_FEl_BdARUS7cc-7X9A77eFnbrNim4VslkunhGKHEv9ttIQUORNjsIKZbbpiUNcd9dW4JusoKyfHys3qLJ-gSLua1qDsZMx7j1B_WEnFHh-ezwkS_JJCmYoAjFqpAvpY71MiigrFurgeQgIELFKuEskj6feyOWZAuRwRixTBz8cL3YylExVfbpT9DyFNoOpD_Iy-Et1gZxWPMnVBB0x0FFx-5eakDGtjtIdqKvwFf5LdFnNEWuzul51U9HuiDIRLjfdQfms6K9r8lYX8dMSrF9v1Td88KltT5_ia0RxRZwub5GkoozZHBOUiR2f677MYFhkGmhInxaW55u5kXUbF4SCQe2FvoDRWqfGO85uJGfL1Quu7TGmoxPZtypIAJGMRIgRGsf8eORfL-TUW-nxx5WyxM1l4UXgWnrTR9vnL8uzELw8oBRZsAZoqL8tgvq3r_OmW8VKJWJaBENLrE2-ejXh7g4qKSAU6qslK4nu7RYTITCYZmD_oEDPlxD3dNdR1svHu9NiPGq8hEsbrVjNyNxtr2MXE_VTvdRROKh3G0zWtSGTbSXxSP1KA_yF_-szDa_E5f2zEG8q4rE7zNad6JYMEko4cTf19EYtkr8tBJZdikBDZP9cOmfgJpaMqyfbGYwbkrrlx_Duf3SY_EP2K_BYwLnk0hWHPFV5vQGh_mNoDngQRnjIKKOXJG8UXt_OCkeCJFWp4Hz6nBraxco4O7fG62z2sRXZ2Dxl5dzTyGSTGVNvUL55Fxa3BVjSubfzWMUyZMs1liUz8r_xMkURw4Swz1UPOLtoZaVVBTdthOYyDxI-YWaJiqwWEgIpSulY-ujK8k689XaCaqH_fp7bf6zQUppLAdcp-NICz-5p7BNqMVftnoXkn3m24dASNSdi3-EozNYIHXKp15XFZjCaGc9PsuyQ8rqxZ7Iz3J9MPrZiQ&sai=AMfl-YSBKz1RfJeDr_lJgnpyGfIFccqJLysVYVTNjzRrSy9EhNdlEXPFeufxedm6obA2qFkA4Lk5F57-UeEwnYnB3DCy_l0WQz3vYNi-bxSidSl8WcPggpBpcO3ragj1gY0KNtBKMUy4uxNBoMGo80HJu5gWUSUMvq7Ao7jGGOAZiwiudQ3rTgKxfq4qBB8roG2W9Lfy0dL2t0wsBxrWRyGYtmyLpIRtoXrneMHlNpazwFc_RVnMgjQhiy60jXFLErWMhqqE3OGhGOm3PQq14nZexDbJI0pa4qZWKGnLI9qODN3Jcx5k-up7PGScRov_wrQ&sig=Cg0ArKJSzCndnJX7_nhiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=167&vt=11&dtpt=71&dett=3&cstd=94&cisv=r20211206.94973&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: assayyarat.com
URL: https://assayyarat.com/top_videos/fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 18:41:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 _300x600Baker02.jpg
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/ Frame E8A7 25 KB
25 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/_300x600Baker02.jpg?1634634482207

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d863d79065186767b9efa9e593177de92625105229c2392e375bffe9e2459ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:36:51 GMT
x-content-type-options: nosniff
age: 14686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25981
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 14:36:51 GMT

GET
H3 200 _300x600Baker03.jpg
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/ Frame E8A7 37 KB
37 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/_300x600Baker03.jpg?1634634482207

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c5f8c72041fa0e312c18d39fddf0d0215ab26758a8b6029ff8f71346b0a3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:36:51 GMT
x-content-type-options: nosniff
age: 14686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38331
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 14:36:51 GMT

GET
H3 200 _300x600Baker04.jpg
s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/ Frame E8A7 35 KB
35 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/images/_300x600Baker04.jpg?1634634482207

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd580a28ece19008a29543295bb1e2a19fe20480f09cfc397fa77e9999657eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14068570996477882079/DCT_TimeIsNow_Baker_300x600_DE/DCT_TimeIsNow_Baker_300x600_DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:40:36 GMT
x-content-type-options: nosniff
age: 82861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35890
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 18:56:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 19:40:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39DA 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1hasYPywYeHyOO-V7_UPpZeJwAcAAAAAOAHgBAI&bg=!MzClMHTNAAaQHwIOkB87ACkAdvg8WiXGEms76K7BY8j_Q4Mu9DEtdQ6rKI6PwD1HK3ICkXmox0Ja-QIAAABgUgAAABRoAQcKACFMYcZa_nyLDx77xXHqn0yCj4NAknBadDNp39VLBxcbreaZAw1pJTb6w45EdV5mk5ThTjK5Hfq6f1EVRI83NpbFhX-2ccUsp4yV70kMDjLzd9YSUnkJDLLGHSFCnWPsq3WxTHG6Rdg2_dO-1pMNoE9m7KMRmAUqRaK45MR4Um9oqFwLY40fc14Sa1NAYhGsMXaPGRLrVOaJ9dFiN-qPe0kFYAG7P0pLoXYSb_wLKU9ZVSa0n3T3m0Y5UcR4Y4hGxR4j_qj46IVhdjTksRUf06PsOU-ANc94saHNAaTI4Qr_FFgQJmq0e1qjTzi6ka1dmMGapAuhnimULMyxe49OAt_nC-5e6InLJVBxU8WRSp7ubymjb1pnR5A0rdYWxmk9fjmfrhbDUgh1ZyWrl_AsCtnsF8Y8seD79Q17qKsbhAS51DM4HvJUeg8VijBuCk85PaR5ec_iKjk82GQ4GtTyy67p4DmDDChXtHL8M0p0ITPwXhib6iGMPVmDO82jjNigUx-b1QbfaU9F9nwCtbZe05QL-R-EwJA7PVI8o7hpHL-XDF7fGWSHy98GVQOJEN2xbfyLMW0jTfNQ08upb6lsSUYN5gQx-yXqkC9BaXLtm1VhDhSDhASRzcxhKlo4S32NqU15sLJ9z3C6Fholo8iFsiCIuaTuGRTu5EBjcjg0zVTTEa-hWNUUH49DVgz9bh4jvzmNhuCg0p_iCv9int109kqk9kWsEbAAXt8yCEKbTSAMlEzh7Np86nFnTEpnCiw263AZxu996qTSid2N3RnVFe8Z9IzlVLSqfVo3qBDaI62vSHVx1hZTxJ78nZK9HHwCJmgF7j6P1wz2t9fMLkPdukf3ss_i30j6d6HLtUGzpIomiHzBauna14PWFLKJESD7X7uI3f3deBF_Jvwsq9xKuic001F-T6MypDdTP4CvL4W4A4Zgr2O5lduzF7i3s6e313tiGid7l8CwJ9b0dTQIOqeA_9frkbIi07IYXHnBmAeXFMQcjgBRz_GXy42qarHV_89Sf6CqYbo_kFj24sybvxoyWXAS3liDy8HU0gQmfgJp3aVjx53u2ZPn2i3qOoBQVpgq

Requested by

Host: a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
URL: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2802 42 B
64 B 69ms
46ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGm8W_XdK49NcsO-vM6viKoYqKQOrPkdoagAXRZP_O-2RgyvkmgvWUwaPE8u1KEKSToXUg7_M5m8dIHcG8x_KRRGKeytAGhHeWRZ6ua3eydvSuUfT4EoUbB6dX9pPr-O8uNIWrUJ4JDlOKU4o503AdlFNN_9d5-fEOz_pHw-YOV8My2hdjMOxx_32d05UP7ZGepwmGtAQVBNiw7Mg&sai=AMfl-YRbeg5F6HGiTfmWjlaukd8uQGO6y6Rm1SFzLnNvlHFdGcR-rCDh8YRxflUgWEdMX7gFOZUg5ikw32lw8cJ679s1-48upm_0lV1PpPFLL6cz6lU6FUEqgWptwERoy3t9&sig=Cg0ArKJSzO1YkuHiTt1JEAE&cid=CAASFeRolyj6-yf2FGX1h5-_W41FDbMqaQ&id=lidar2&mcvt=1000&p=0,909,40,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1000739756&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638988896847&rpt=194&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 18:41:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.assayyarat.com/	1970-01-20 08:38:04	Name: __gads Value: ID=c416ba6f553e31a5-2279039102cd00eb:T=1638988896:S=ALNI_MbczxWBA_seusa-Rr8RQHeQtgklpA
.doubleclick.net/	1970-01-20 08:38:04	Name: IDE Value: AHWqTUniRi3c7Q59PmusWOD_CVxOSWYcLuiqirv-pUGTD1XtKxT6lFROGH4_If1AoQ0
.casalemedia.com/	1970-01-20 01:26:04	Name: CMPS Value: 5221
.adnxs.com/	1970-01-20 01:26:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?eE/G)e!@wnfH8K6pQK`!5=E<L5?%K4]-bweD-R'1K[=.83vpI.TyoBR#N%dsFp!%nugO%v4VB%nmio#w[k
.casalemedia.com/	1970-01-19 23:17:55	Name: CMST Value: YbD8YWGw-GEA
.adnxs.com/	1970-01-20 01:26:04	Name: uuid2 Value: 7363155977808284248
.casalemedia.com/	1970-01-20 08:02:04	Name: CMID Value: YbD8YZeO47GVYMFK8X7j6wAA
.casalemedia.com/	1970-01-20 01:26:04	Name: CMPRO Value: 1130
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: ph Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: dph Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 08:38:04	Name: cktst Value: 603634929
.casalemedia.com/	1970-01-20 08:02:04	Name: CMRUM3 Value: 2d61b0fc612760CAESEKyPHDIK85IK59FyRIQVkvc
.yieldoptimizer.com/	1970-01-20 08:02:04	Name: ckid Value: 3015385643363

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a26f9bd8151d04ede1f501d65173e15a.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assayyarat.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stags.bluekai.com
tag.yieldoptimizer.com
tpc.googlesyndication.com
videoserver.adintop.com
www.google.com
www.googletagservices.com
www.shuuf.com
104.111.215.191
142.250.184.194
142.250.186.98
185.33.221.11
2.18.234.21
216.58.212.130
2606:4700:3030::ac43:c4ef
2606:4700:3030::ac43:d64b
2606:4700:3032::ac43:a41a
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
35.186.212.60
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c5f8c72041fa0e312c18d39fddf0d0215ab26758a8b6029ff8f71346b0a3b6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
204434ae88becc5e07c0cad43a8cf9facbb42dd44f08b8755b5e7a66cc492d35
20f504493d2a670fcc08f8d05fef8a463919989fcd91cd6d9eb4a89b876c52c5
221d165d3313c107706463471ea2998a804a94f157260d1c04aed0e4c3c2d593
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
2da3cec06fc8ccae40077ed49d5eb86f550a110d914ee611611ba688f0fd610c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3890de089e90a51419a1914b06bbac5b6759ca1da4d74a8ac4f84365102572b8
3bbe371c1ea409275200e04a39b34b79fcea254ad73f88713cbb2d69fa8d624c
3be9d7a3075f5282724eaaf9df1e0370583bd3183ce5a86a2f780bec94251365
3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec
4b1993e132c4d799eebd3b5fcd1df4cca30063b877ff74a148dcef1c7c284f78
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519e7aae5c15c11d44a9dc655553e9c75ccf979292de90524a37d3b37f82b249
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d1cb5045babc1d0e95fa5b969399bb8f929515516c787ccd4bba2f2c596f78e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6218b079ae529a4d3da5ae915e6b26a6bb24b64bc116215c8c82e29cf7dbeeb0
745448b60142bbbfea77b182ec89cc50f1b9577e61ff4e62b8126faaa6eefe9c
7a8d9a51f3172f3c88533a703549b02d9727c933a35b065de44e037b4f33a7e7
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
87f97e044954689d413ae5c1848534a1844296f7d204563e919593692aa5ff79
8bd743ac190d67992f9c0834e0ea53289592dc726c7aa023a6b3c323c6630752
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
961563d1190d35da0434105d73947bf5d17f1dac3a792375c89cd2242a0bb22f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aeb3e033b29d5f691f516f914df9634523095d89f2fe84312f746fcb293fe603
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d5c7b7d4095f2fcf257112b981b5b2a9c7930d49dabe9a16db1f35f9c26619d6
d863d79065186767b9efa9e593177de92625105229c2392e375bffe9e2459ec4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd580a28ece19008a29543295bb1e2a19fe20480f09cfc397fa77e9999657eb4
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37

assayyarat.com Open in urlscan Pro 2606:4700:3030::ac43:c4ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

54 Requests

91 %HTTPS

63 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

908 kBTransfer

1743 kBSize

16 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

assayyarat.com Open in urlscan Pro
2606:4700:3030::ac43:c4ef Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

91 %
HTTPS

63 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

908 kB
Transfer

1743 kB
Size

16
Cookies

54 HTTP transactions
1 data transactions