www.bbfas.com Open in urlscan Pro
2606:4700:3034::6815:187f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bbfas.com/
Effective URL:
https://www.bbfas.com/
Submission: On November 17 via api (November 17th 2023, 1:26:43 am UTC) from US — Scanned from DE

Summary HTTP 179 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 23 IPs in 9 countries across 24 domains to perform 179 HTTP transactions. The main IP is 2606:4700:3034::6815:187f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bbfas.com.
TLS certificate: Issued by GTS CA 1P5 on September 19th 2023. Valid for: 3 months.

This is the only time www.bbfas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:dacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 19	2606:4700:303... 2606:4700:3034::6815:187f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	119.28.201.87 119.28.201.87	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	43.132.107.24 43.132.107.24	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
9	240e:bf:c800:... 240e:bf:c800:1d00:3::3b2	4835 (CHINANET-...) (CHINANET-IDC-SN China Telecom Group)
20	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
15	43.152.26.104 43.152.26.104	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
5 19	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 49	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2 2	54.93.168.0 54.93.168.0	16509 (AMAZON-02) (AMAZON-02)
1 10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	18.197.187.29 18.197.187.29	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:edde:ec13:7780:210a	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
179	23

1 2606:4700:3032::ac43:dacc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bbfas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3034::6815:187f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.bbfas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
down.bbfas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.201.87 (Hong Kong, Hong Kong) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

kookapp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.132.107.24 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.kookapp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 240e:bf:c800:1d00:3::3b2 (China)

ASN4835 (CHINANET-IDC-SN China Telecom Group, CN)

img.kookapp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 43.152.26.104 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

static.kookapp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.168.0 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-168-0.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.187.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:edde:ec13:7780:210a (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	1 MB
29	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	219 KB
27	kookapp.cn 1 redirects kookapp.cn — Cisco Umbrella Rank: 459351 www.kookapp.cn — Cisco Umbrella Rank: 490175 img.kookapp.cn static.kookapp.cn	3 MB
20	bbfas.com 3 redirects www.bbfas.com down.bbfas.com	128 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	143 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
6	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	384 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	453 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	651 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	126 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	543 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	716 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	612 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	187 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	717 B
179	24

	Domain	Requested by
49	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.bbfas.com tpc.googlesyndication.com www.gstatic.com s0.2mdn.net
20	pagead2.googlesyndication.com	www.bbfas.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
19	www.bbfas.com	3 redirects www.bbfas.com
15	static.kookapp.cn	www.kookapp.cn
12	www.gstatic.com	googleads.g.doubleclick.net www.bbfas.com
10	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
10	www.googleadservices.com	googleads.g.doubleclick.net
9	img.kookapp.cn	www.bbfas.com
6	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.googletagservices.com	www.bbfas.com googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	s0.2mdn.net	tpc.googlesyndication.com
2	www.kookapp.cn	www.bbfas.com
1	fonts.gstatic.com	fonts.googleapis.com
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	kookapp.cn	1 redirects
1	down.bbfas.com	www.bbfas.com
179	32

This site contains links to these domains. Also see Links.

Domain
bbs.bbfas.com
88233.lanzouy.com
crazyzhang.cn
kook.top

Subject Issuer	Validity	Valid
bbfas.com GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.kookapp.cn RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-05-16` - `2024-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://www.bbfas.com/
Frame ID: 395ED9275C266D47EB703006C7A95020
Requests: 35 HTTP requests in this frame

Frame: https://down.bbfas.com/Alice/up.txt
Frame ID: C9E523C68543E0D80B5FD1DE2F16B776
Requests: 1 HTTP requests in this frame

Frame: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark
Frame ID: A54875BC6657BEFA43A784A8164591C7
Requests: 16 HTTP requests in this frame

Frame: https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 925B2B587F78919F332785E42C5C3142
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 61D22D470EA3435522E924A80EED3558
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&adk=1812271804&adf=3025194257&lmt=1700184396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184396736&bpp=3&bdt=3010&idt=107&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939426495951&frm=20&pv=2&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=126
Frame ID: 7FCA4C76C87C2611EB7ED22EA7F43F32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Frame ID: B557AF87D32E2E40C61709497261A07C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22
Frame ID: D382E92E85C042635CECD033A1BF5811
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2B77DE179E46EDB2DD6DC0F9971F684E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F374B2CF333FAE5594FCCAC341FD819F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EF825D7516564BAF370DA88D32E55F9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E6530F6589C30841ED545F4A85DB70C8
Requests: 10 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: FC3AE9AC1496B490C132A964ACF95D2F
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: C2B9553D2D46E02D97F11AEDF3AAA0FF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA959DBF6EFD29E306A92FF1AD2DE87C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 627B185442A632EBE801FFB155A110F5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D3DDB874D361A84ABA59EA8DB672A6D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9556AB9D8F209D766E72939630D59BA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07B0197B76DEA0F9BE326358D73C479F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 24E2619E37019BF9C8C7FF0BCA30B01F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: AA73CB69A8B8D20180270C6942E3D175
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C26DD3E575E8D4E3911941501669558
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
Frame ID: 9DBF768AB233C5808516B885350039F9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
Frame ID: 673806DF1ED8F4A121EFD68B1DF53D78
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 000275F5DE93B09D9F077E2E384F621A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC521F43F5F7D226FCC867EC035893AC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 50CFFDE4C6D8768D7B44D5066FCE84AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 956E33473A13C2B552F55CAF31BBB6C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: C5E7E56A426BC0C7081E91357C708767
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: FCBF3B5BEBDC66F067F5C820684E43FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BBFAS｜GTAONLineTools - 免费全面的gta线上工具 BBFAS｜GTAONLineTools

Page URL History Show full URLs

http://www.bbfas.com/ HTTP 301
https://www.bbfas.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

179
Requests

90 %
HTTPS

48 %
IPv6

24
Domains

32
Subdomains

23
IPs

9
Countries

5553 kB
Transfer

13147 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://bbs.bbfas.com/
Title: 洛圣都敬老院

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/d/49
Title: 查看发布页及讨论

Search URL Search Domain Scan URL

URL: https://88233.lanzouy.com/b01phaqmh
Title: 蓝奏云下载

Search URL Search Domain Scan URL

URL: https://crazyzhang.cn/
Title: Crazyzhang

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/u/5
Title: Alice

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/u/10
Title: @老爷爷

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/d/39
Title: 前往发布页获取支持

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/d/1
Title: 前往发布页获取支持

Search URL Search Domain Scan URL

URL: https://kook.top/NrGgUR

Search URL Search Domain Scan URL

URL: https://bbs.bbfas.com/u/445
Title: @YDD

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bbfas.com/ HTTP 301
https://www.bbfas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://kookapp.cn/widget?id=8682642795285297&theme=dark HTTP 301
https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Request Chain 25

https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 53

https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 103

https://googleads.g.doubleclick.net/pagead/adview?ai=C6oAqTMFWZaTyNaqhjuwPy-K8kALFhPGLdJP4lpmeEtu95frHJRABIODM9pIBYJXikIKgB6ABmKqOtQHIAQKpAu8CazzSMrI-qAMByAPJBKoExQFP0BOr0y6vvabv_zci05ZZd1lLTXIvQ3gmvRrb8gCa_QUIc7XhRn_96LxMXtiGw4sPsbAUlcDup6yQtDratZHMm-4IJ2JoDLZkU6b4omhbP1_kOqIAYG1LhKsCGNvP5WUH4fT4OSrcPnVFLBG5QQmRg46jDQRP92-y9xZCpAEuKmS25MRt9_CVIY3DCMrUxbWFzkFVD5EsKdxPzi1ipbMe7zwr3rpbeCegQYpuKOh8UAxBUk-YqjflJ7tdzEiYGxP--GlNzMAEt8me3sQDiAXKj6niMJIFBAgEGAGSBQQIBRgEoAYCgAer5PHKAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELSRFNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYnaSduPDJggOaCS9odHRwczovL3d3dy5ncmF2aXMuZGUvS2F0YWxvZy9HUkFWSVMtQWJvL2MvMDg4N4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwrQFQGAFwGyFxwKGggAEhRwdWItNjEwMDI5NDYzOTA2NzQwNBgA&sigh=fNMoMZCGREA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222421827679504233804%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22710893704694619329%22}&andc=true

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA3OfPchCWARiWATIIhE7Z1rh2wT0 HTTP 301
https://tpc.googlesyndication.com/simgad/767869735684485540

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=CXHJETMFWZaLyNaqhjuwPy-K8kALI4OqfdPSewu6GEtrZHhABIODM9pIBYJXikIKgB6AB1_i41ynIAQmpAu8CazzSMrI-qAMByANIqgTXAU_QGYODP1v-bktTkVDoYxUAhnb6In7T_d-lSaTDffj1tNeid21zeSvosvkNXa_kyihYVhhHtvaxdBdbTzkKwfMqsAx2W2-072of-MUxKFu7wuWxxZk3S7kjBLLec80-aOaYMYchVBj_uVLVAbWxYD0JJtP6SR_oiffhp92K8-JaFmh26kFBs_ER2ySNSvUhh3_yoYSeTggUIwdIyaKGQcuG398SaFnU1flZK_NREOJepJ50GeV61ua8j_4in6392vikdoqIo8lXrGVLGJZOVM1Gq48pVt86wASomZORxgSIBcrlg7JNkgUECAQYAZIFBAgFGASgBi6AB9ewibcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvcMk0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlidpJ248MmCA5oJVGh0dHBzOi8vd3d3LmFtYXpvbi5kZS9kZWFsL2UzYjE4ZGVlP3Nob3dWYXJpYXRpb25zPXRydWUvJnJlZj1zbXJwMjJfZGVfaGxfMjAwX290X2RlZYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjEwMDI5NDYzOTA2NzQwNBgA&sigh=GB84PwY7PNU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212191903555390464234%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211189238871%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213616447778385964737%22}&andc=true

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CS443TMFWZaPyNaqhjuwPy-K8kALI4OqfdPSewu6GEtrZHhABIODM9pIBYJXikIKgB6AB1_i41ynIAQmpAu8CazzSMrI-qAMByANIqgTXAU_QgGEwTC3xtalyl8w8rZIsq4XkCk2R2QX7i_tj8-MSE2_r7dEsBaG3lsORE0u5Sa8pUhMWTWmss7Xx5sTp8nSVKMMp4rNOoCyKBKscUvao1s7opb9ZTAqtJm4lgpUSgnkK3W2_gafXUMBh2DCRCz6kTNYaYXuHKQlbgsmZTKRT_5bqGinUuO3JXaX9P60a-CRWSeD1fhjCJn7Yv2vb0-tb295NOOmJ1iN6q-As_8zt6eZMqh4dZuGIxbxW3LDw03HFuobke4i1kHeAK2QMn6_kowwAeGAgwASomZORxgSIBcrlg7JNkgUECAQYAZIFBAgFGASgBi6AB9ewibcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ--Ir0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlidpJ248MmCA5oJVGh0dHBzOi8vd3d3LmFtYXpvbi5kZS9kZWFsL2UzYjE4ZGVlP3Nob3dWYXJpYXRpb25zPXRydWUvJnJlZj1zbXJwMjJfZGVfaGxfMjAwX290X2RlZYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjEwMDI5NDYzOTA2NzQwNBgA&sigh=65kNCcAyc2U&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224805886307154570111%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211189238871%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212180478433062206609%22}&andc=true

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 150

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9jQMVakT3vjW5HhS5HgZMRA-C9nn5y9uoIwtLrGTGmFnhWATSV64iwdxRO HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9jQMVakT3vjW5HhS5HgZMRA-C9nn5y9uoIwtLrGTGmFnhWATSV64iwdxRO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFloN0NNcDcxUjNORDA1&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9jQMVakT3vjW5HhS5HgZMRA-C9nn5y9uoIwtLrGTGmFnhWATSV64iwdxRO

Request Chain 151

https://um.simpli.fi/gp_match?google_gid=CAESEEY8XOp4zaexZaz-s3B83Oc&google_cver=1&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1pF_PjsymsFPJgEYYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A06334B87E2143ED93830615E7B72ECE&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1pF_PjsymsFPJgEYYw

Request Chain 154

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIzaRUcBRVuYhQ8lLo8oRh8&google_cver=1&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbdsftlPFQuISpYDG-WYhGh_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbdsftlPFQuISpYDG-WYhGh_&google_hm=yXZ6VwFpSyC1wCkqJ1XoaE0

Request Chain 156

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI7JXbZeKMbl1e5GCmbqWD0&google_cver=1&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSmFOTiPb-5W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSmFOTiPb-5W&google_hm=eS1CSGRLSk0xRTJwSG1oN0xJaVNoVXQ5RGczcmhBbHUxVn5B

Request Chain 161

https://a.tribalfusion.com/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBe0iD_KXR1O0tXaA6ooYNM&google_cver=1&google_push=AXcoOmQuP6GkpEncZNkUygP21ANLQUkg0d8ZJbiXpG4p1MF44gvYjikQo1nAkM_r7OJUaYtsZJeBBixf71ieF_qioT1pDUhA0_VLFv4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBe0iD_KXR1O0tXaA6ooYNM&google_push=AXcoOmQuP6GkpEncZNkUygP21ANLQUkg0d8ZJbiXpG4p1MF44gvYjikQo1nAkM_r7OJUaYtsZJeBBixf71ieF_qioT1pDUhA0_VLFv4

Request Chain 164

https://d5p.de17a.com/cookies/google?google_gid=CAESEFtXW-Lsa89Dt95wcc209I8&google_cver=1&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFtXW-Lsa89Dt95wcc209I8&google_cver=1&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ

Request Chain 165

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMDeYEjI_siEmdp3pk-bOVk&google_cver=1&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfINnCrimFex_PqHeEbS-m8XII HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMDeYEjI_siEmdp3pk-bOVk&google_cver=1&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfINnCrimFex_PqHeEbS-m8XII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0NzQzODA5NTc2MDUyNTkyNw&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfINnCrimFex_PqHeEbS-m8XII

Request Chain 166

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP3NBMOcdJtS7W_Jc9q5xF0&google_cver=1&google_push=AXcoOmSyyFIaVJ7_6WVFlLCkDWQ3p_YYqansVuHKRjVnJzOl1fG1QURCgB3mOEuMCTGtQZBTa7Vl3z0naxe6dvHAUkBwJGE-neTqlFj_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSyyFIaVJ7_6WVFlLCkDWQ3p_YYqansVuHKRjVnJzOl1fG1QURCgB3mOEuMCTGtQZBTa7Vl3z0naxe6dvHAUkBwJGE-neTqlFj_ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://googleads.g.doubleclick.net/pagead/adview?ai=C-YivTcFWZYy7HeGRjuwP9ZySgAKC07z-c763jdGIEuLxh8T8NhABIODM9pIBYJXikIKgB6ABw7TkigPIAQKpAu8CazzSMrI-qAMByAPJBKoExgFP0Iq4cy8jdaavUNYN79wBfC9titcBzZRi62IItdT_K7CvFo27ZJnpud6tyyKfim0cFpLX7PGgBNHzCRhpAZJQp1W6uEuT4ykAOek5mSkMj7Mm8c1LshMP6B3YPsYje6BuLDRn7dXc6prrSGcRgo7M2MTx7xtaJR1vFmR381Bkw139snd3rjSC6OgNc9qh1oOBn8UalvnFwVkF_c3ZHxwdO1_sh2ZmyhDxP3q79KLHkVhxNyZBFmJjb4hr9lNHNSvqrKujsyrABJfcyvbKBIgFrrHT1kySBQQIBBgBkgUECAUYBKAGAoAHz5SCM6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJHdD9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTtodHRwczovL3N0b3JlLnN0ZWFtcG93ZXJlZC5jb20vYXBwLzE0Njk2MTAvTGFzdF9UcmFpbl9Ib21lL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjEwMDI5NDYzOTA2NzQwNBgA&sigh=10mYLbRiAU0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNIFYz9Sla96k-5nKSEriwSYvNAd06T_47_AU06Vo5voZLqziZJLxhhZIHMo-lNmIFKq0h2SaVGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217662456253965400638%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827923011%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215210669027108290065%22}&andc=true

Request Chain 175

https://googleads.g.doubleclick.net/pagead/adview?ai=C_NjITcFWZaGBHpOfjuwPnYK_iAL6jLeFdLeipNGWEtWzhr-aPxABIODM9pIBYJXikIKgB6AB7rablQHIAQmoAwHIA8uEgIAEqgTPAU_Q-bDi6QQ7T-_RxzH7_6PcWWlzDEuJAXSbcw5_kNzvuL_KEcqX6GcpfRh0wf-47ptImpX0kjjPOREZmYCjAxUrb3mQyOel2yPHHOKnZVPrsa2DIXYZBymufVKwTHKcfRyV2HCJ1sdA7aoXfZg2M1VQeCa4fKJVd-zKTHiEqX5F5YhTPiFGLPjLnFC4s9_a7YqjvpXfGCGEb-mK6V9AEIpnoEiupQqUL0sujRut7XaWjD_3iX4_m3kwAkqI9X4hHP8vHA6-65wcmlQ5IQwv3cAEmNbBiMMEiAWq3s6KTZIFBAgEGAGSBQQIBRgEoAYugAf6yOTqAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDR3APSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkoaHR0cHM6Ly93d3cuZ2FtZS1ob21lcy5jb20vc2hvd2dhbWUuaHRtbIAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItNjEwMDI5NDYzOTA2NzQwNBgA&sigh=Y4Ccza7Xnp4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNXEz2hXT_SckwswaZ68sKydq8UcKlaiq8R2FLDKFokcPpW3n75Lk8eHpA_UTOWEIeseeyDv1LYxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211176431157363816122%22,%22debug_reporting%22:true,%22destination%22:%22https://game-homes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22312925038%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22734129530133882561%22}&andc=true

179 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bbfas.com/
Redirect Chain

http://www.bbfas.com/
https://www.bbfas.com/

95 KB
20 KB

1031ms
993ms

Document
text/html

2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6faa1bc08f0447a4b0a3ee1648f8bd24ca881addfc2ee2759edb6563c4c6472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82742fa69bf9fa40-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:33 GMT
link: <https://www.bbfas.com/index.php/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgJNyraoblelxJeY1dQRKRKgy0THjgv42ZUEqcUf3W0%2FgsUBaL6fxF%2FQFtjQ8VWux45ucou2WgBEvFuuTJn2MDNiK6xVHzn9NeJDL59r1qz5cFBMS%2BAyr7TYpDD30mezxOoTDmBxv5JNyB1J"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82742fa33a5e3a98-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 17 Nov 2023 01:26:32 GMT
Location: https://www.bbfas.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jds%2FfrINXNkTLRXatT5SYToFAPiUFcjgcOvfdVdbmKH1OHZEBgoOh%2BmwA3PQkItZ3fl6zR2BkM8PePPoLkbAlGHNFF9OSMe%2BbVgTDqeUwUkf8wKpIaVkC2U63qzOCxD1LikUjIYTWd0j9XqS"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
www.bbfas.com/wp-includes/blocks/navigation/ 16 KB
3 KB 312ms
311ms Stylesheet
text/css 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/blocks/navigation/style.min.css?ver=6.4.1

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bbfas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:34 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 20:39:49 GMT
server: cloudflare
etag: W/"654aa095-4096"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX08ROoipvz2x5jDcDD%2Bei0e2M%2FxUigOrHCq7ym3oTI7YAUjBsC1SR7C9s10TUQNsI7Nofd4NH8sZWMRWW1Go2lv%2FY5R45vYZfiztlDMSI1y4QWZaRMeXg1ljgCjdlkzOOM1Qdb0SPOsRADb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82742facdcb3fa40-AMS
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H2 200 style.min.css
www.bbfas.com/wp-includes/blocks/image/ 7 KB
2 KB 312ms
312ms Stylesheet
text/css 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/blocks/image/style.min.css?ver=6.4.1

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bbfas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:34 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 20:39:49 GMT
server: cloudflare
etag: W/"654aa095-1b43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtPUtdvIOP%2FCXsYd825gDG%2F5xBWhgJ02n%2Fvcku%2B%2FOA%2FNVNHa4giqtNFyVGBd%2BUNd0w%2BvAKBrpr6dGl81ALmjIH3v%2FvjfjBP1RqduGzHphDLUbb6Ql1%2B%2BJ%2BZXdiqfnRvJXsdSwIjdNpAx9Boh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82742facdcb4fa40-AMS
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H2 200 style.min.css
www.bbfas.com/wp-includes/blocks/cover/ 18 KB
2 KB 1094ms
1094ms Stylesheet
text/css 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/blocks/cover/style.min.css?ver=6.4.1

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bbfas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:34 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 20:39:49 GMT
server: cloudflare
etag: W/"654aa095-47c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXvWLfBriZC0TDQziIEaIOH%2FTahrHRLoVfy4a06mVJpkLxDWn8KHPkzTLfoRxQEfMPfc7UkMlGbO1R%2FwqA46VOv1xUcHPCe9%2B37WI7jPETMY6XHo0HuSNKisHHeRqCLwGL8ZhWqL%2BXXsW%2FMk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82742facdcb5fa40-AMS
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H3 200 style.min.css
www.bbfas.com/wp-content/themes/greenshift/assets/ 2 KB
1 KB 1508ms
1507ms Stylesheet
text/css 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-content/themes/greenshift/assets/style.min.css?ver=0.6

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0827461d40f0655dec967065c809e6de01bed7e2b8600ac8d837a53e9d930f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bbfas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Mar 2023 20:41:00 GMT
server: cloudflare
etag: W/"640b95dc-8e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m3zTgzkgEZAkHa6L%2FmyBSQ%2FFDU%2BW2zCE9wnVshgI7nNS%2BStnHZgzivjq08Gx86iNHX0YvbPxbfb%2BVemtncEH%2F6hV1Hfn2A45qPhsmtysSea0XyDU87quEoWJz%2FfqnnEoFyb0ZI1i4VvTOpj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82742fadcb0e9b40-FRA
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H3 200 khl202211241246520-1_199x199.png
www.bbfas.com/wp-content/uploads/2023/03/ 38 KB
38 KB 1450ms
1449ms Image
image/png 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bbfas.com/wp-content/uploads/2023/03/khl202211241246520-1_199x199.png

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211b5b2edee764efb0748c824277cbff59842682d42c0d50bfd4b35f880172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 38530
last-modified: Sat, 11 Mar 2023 13:38:36 GMT
server: cloudflare
etag: "640c845c-9682"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCsNM9xtd8LTwz40ZT1KN7ri1UEXqXg83VrZd4xrhKF5XyUyok6VZUKHfWlcH7Cxa4oratxCLUggqNtYv8SwsQKDFu4NgObyVgXWDNCRWAodsk4dmPpaC8OIEhbx5cJgy6XNzutDBNRDgPyb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82742fadcb109b40-FRA
expires: Sat, 16 Dec 2023 23:35:59 GMT

GET
H2 200 up.txt Show response
down.bbfas.com/Alice/ Frame C9E5 16 KB
6 KB 809ms
796ms Document
text/plain 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://down.bbfas.com/Alice/up.txt

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b90d18e87a90ffd9ed8cc76f579434231525dd52171d2f51c45a30705abfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82742fadece0fa40-AMS
content-encoding: br
content-type: text/plain
date: Fri, 17 Nov 2023 01:26:34 GMT
etag: W/"65552a31-3eb9"
last-modified: Wed, 15 Nov 2023 20:29:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ%2FBTzOqV2R0lciP6skn7DeZcmymRBmArOJJZQ6E9HHw59iUEfw2%2FZVI90xaxBJ%2Fl5ftp8sJzgoc5MqBgr6nvygREd0CnOUiJbOVYwcQCdRJd1fCHDnn0IupTLcWSvyli8lhy1DXGMaLREt%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2

200

widget Show response
www.kookapp.cn/ Frame A548
Redirect Chain

https://kookapp.cn/widget?id=8682642795285297&theme=dark
https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

4 KB
4 KB

444ms
444ms

Document
text/html

43.132.107.24
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.132.107.24 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

6fdb36f5bdbffb1e02520fff7d58e07b10d1c4fc09b398d2691f0943ae3d7e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 3908
content-type: text/html
date: Fri, 17 Nov 2023 01:26:35 GMT
etag: "653bc6c8-f44"
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: nginx/1.20.1
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 17 Nov 2023 01:26:34 GMT
location: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

GET
H2 502 guild
www.kookapp.cn/api/v3/badge/ 0
0 1064ms
517ms Image
text/html 43.132.107.24
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kookapp.cn/api/v3/badge/guild?guild_id=8682642795285297&style=2
Requested by: Host: www.bbfas.com
URL: https://www.bbfas.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.107.24 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 I4NWEQHb741z4140.png
img.kookapp.cn/assets/2023-03/ 83 KB
84 KB 1258ms
871ms Image
image/webp 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kookapp.cn/assets/2023-03/I4NWEQHb741z4140.png

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

be56911b9aecc606faa7439f0dfe027667fd0c5cef74eb7ea2b0766ddf832f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Mon, 09 Oct 2023 16:58:52 GMT
via: cache75.l2cn3137[0,0,200-0,H], cache50.l2cn3137[0,0], cache15.cn305[20,20,200-0,M], cache1.cn305[25,0]
content-md5: eAL8UNpOCiKb6a4TnBrqMA==
age: 3313662
x-swift-cachetime: 27790338
x-cache: MISS TCP_MISS dirn:10:318942380
x-swift-savetime: Fri, 17 Nov 2023 01:26:34 GMT
content-length: 85296
last-modified: Sun, 12 Mar 2023 14:01:23 GMT
server: Tengine
etag: "7802FC50DA4E0A229BE9AE139C1AEA30"
vary: Origin
ali-swift-global-savetime: 1696870732
content-type: image/webp
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843945307126e

GET
H2 200 eVbye0Nvlt0u40gy.png
img.kookapp.cn/assets/2023-06/ 18 KB
19 KB 1471ms
1083ms Image
image/webp 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kookapp.cn/assets/2023-06/eVbye0Nvlt0u40gy.png

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

154c34e3a329c77a3bd786660d4eb8132b1d28068770c7a404e954bf4d05e7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Thu, 09 Nov 2023 07:12:29 GMT
via: cache30.l2cn3137[0,0,200-0,H], cache51.l2cn3137[1,0], cache3.cn305[23,23,200-0,M], cache1.cn305[30,0]
content-md5: xwvRR8UPxvBqziFV3sTKbQ==
age: 670444
x-swift-cachetime: 30433556
x-cache: MISS TCP_MISS dirn:10:316589515
x-swift-savetime: Fri, 17 Nov 2023 01:26:34 GMT
content-length: 18742
last-modified: Mon, 05 Jun 2023 02:53:04 GMT
server: Tengine
etag: "C70BD147C50FC6F06ACE2155DEC4CA6D"
vary: Origin
ali-swift-global-savetime: 1699513950
content-type: image/webp
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843945307121e

GET
H2 200 Hj4Jy16IkL1z4140.png
img.kookapp.cn/assets/2023-03/ 114 KB
114 KB 1184ms
797ms Image
image/webp 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.kookapp.cn/assets/2023-03/Hj4Jy16IkL1z4140.png

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4e22e8b62bd87578230ea9106408a702886ffe8c2d01c77350f7776cc3dd5367

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Mon, 09 Oct 2023 16:58:52 GMT
via: cache42.l2cn3137[0,0,200-0,H], cache59.l2cn3137[1,0], cache18.cn305[21,20,200-0,M], cache1.cn305[25,0]
content-md5: Z+0QVG0COo0R49g/w2EOUQ==
age: 0
x-swift-cachetime: 27790339
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 17 Nov 2023 01:26:34 GMT
content-length: 116626
last-modified: Wed, 08 Mar 2023 08:27:00 GMT
server: Tengine
etag: "67ED10546D023A8D11E3D83FC3610E51"
vary: Origin
ali-swift-global-savetime: 1696870733
content-type: image/webp
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843945307116e

GET
H3 200 logos.svg
www.bbfas.com/wp-content/themes/greenshift/assets/img/ 57 KB
22 KB 1425ms
1425ms Image
image/svg+xml 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bbfas.com/wp-content/themes/greenshift/assets/img/logos.svg

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7801a455185d39a4979203d7fbdb81abc8fffc22e2207184c20fcbaa5bacd403

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 10 Mar 2023 20:41:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"640b95dc-e423"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGlYnCd6SJse%2B9TqCW5OfCut7cwIRJ9lhFkJNOMn2SmiMwOYbi%2BswMorjAhYMt1xbclq%2F%2Bn8QjDWQStUpdXDU3bhvps12zaNMR1cyRAl%2FIS35ziXOmPW5guxjCz5N67ZcRjvUMKe6IhNTxM6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1200
cf-ray: 82742faddb119b40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:33 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65568fe4-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9x55HU4ZgakZ3T0jjbYUSxWAAXXhbzouKDRVKHDD4p3NYjoXrtnlrlFprzXV9Cw%2BA34M2jT5hI3%2FjhG8Hd5E0iXeRBib%2BoJmNtFZzxFNJUgpvwo%2BA%2BvWRviAAaiPUxGfih%2Fw9ugfqc%2BY84W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82742fadeb1a9b40-FRA
expires: Sun, 19 Nov 2023 01:26:33 GMT

GET
H2 206 63f912e6ee719.mp4
img.kookapp.cn/attachments/2023-02/25/ 175 KB
0 1464ms
1097ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/25/63f912e6ee719.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=5184000
date: Wed, 11 Oct 2023 19:34:36 GMT
via: cache18.l2cn3137[0,0,206-0,H], cache61.l2cn3137[1,0], cache16.cn305[0,19,206-0,H], cache1.cn305[30,0]
age: 3131518
x-swift-cachetime: 28192591
x-cache: HIT TCP_HIT dirn:7:1137959079 mlen:37748736
Content-Range: bytes 0-39970924/39970925
content-disposition: attachment; filename="202302250206_x264.mp4"
x-swift-savetime: Tue, 14 Nov 2023 12:18:05 GMT
Content-Length: 39970925
last-modified: Fri, 24 Feb 2023 19:41:27 GMT
server: Tengine
etag: "2ADFD7415B66CA82C23E787A7BDD72C5-39"
vary: Origin
ali-swift-global-savetime: 1697052876
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843945307135e

GET
H2 206 63edea581cefc.mp4
img.kookapp.cn/attachments/2023-02/16/ 111 KB
0 903ms
537ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/16/63edea581cefc.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=5184000
date: Sun, 12 Nov 2023 05:53:42 GMT
via: cache38.l2cn3071[0,0,206-0,H], cache56.l2cn3071[3,0], cache11.cn305[0,9,206-0,H], cache1.cn305[17,0]
age: 415972
x-swift-cachetime: 30999732
x-cache: HIT TCP_HIT dirn:7:425886590
Content-Range: bytes 0-21169651/21169652
content-disposition: attachment; filename="ç¯ç½ªä¹ç¥æ¼ç¤º.mp4"
x-swift-savetime: Mon, 13 Nov 2023 10:51:30 GMT
Content-Length: 21169652
last-modified: Thu, 16 Feb 2023 08:33:28 GMT
server: Tengine
etag: "90E363425FE1A5AFAFC76076E1F5C4A9-21"
vary: Origin
ali-swift-global-savetime: 1699768422
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843945307129e

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js Show response
www.bbfas.com/ava/ 17 B
543 B 1957ms
1956ms Script
application/javascript 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/ava/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19
alt-svc: h3=":443"; ma=86400
content-length: 17
cf-bgj: minify
last-modified: Sat, 11 Mar 2023 09:46:22 GMT
server: cloudflare
etag: "640c4dee-13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cOxfzrtIrbbQdsYVQN7d0wZizdzzkJx8nA4BVhclc4zIxi0OoMppyANlm%2FmwG77Tcvqy%2Bxf8BE26pzloArjPcCtX8vVM7KO7YEmabSyqs9rPCN16FXgeYrH4lMAYcHW7c4j2vJGe3NyrQSg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 82742fb77f1f9b40-FRA
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6100294639067404

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d42abf88b944a10f8889cdf8fde97a37eef51470ca9021ea706fab884a099bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.bbfas.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52707
x-xss-protection: 0
server: cafe
etag: 16504075583819867036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:35 GMT

GET
H3 200 view.min.js Show response
www.bbfas.com/wp-includes/blocks/navigation/ 4 KB
2 KB 1082ms
1081ms Script
application/javascript 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 20:39:49 GMT
server: cloudflare
etag: W/"654aa095-e02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v40sZ6X6aRyHWIUj4ItG9bGriDyGDNYqEa6ULUAmdteEAu6J79pflNK9o3HHQ%2BJXfpwvgMnEsuC6e%2BN%2FW1VkMdKW9aHf1HYfRFWDe16kV7%2FJuQ8POnlk2t4WUvZvWD79N5WfEqd182BLOrRs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82742fb77f219b40-FRA
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H3 200 interactivity.min.js Show response
www.bbfas.com/wp-includes/js/dist/ 32 KB
13 KB 1892ms
1891ms Script
application/javascript 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/js/dist/interactivity.min.js?ver=6.4.1

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 20:39:49 GMT
server: cloudflare
etag: W/"654aa095-7e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba6K3Bv9g6%2F9ODVN7deGFN0yO0UcbV8390yUueRnurFaZHtSZRJPHiYJKlwiRnzhbrRs1t0VPjYgkxO23jxTEJPbHkqX8LTq1AU1H4o%2F74z3stzUy%2Fwh1SY%2BfWxNWtyoayleaBLZuH8c1zq6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82742fb77f229b40-FRA
expires: Fri, 17 Nov 2023 12:52:13 GMT

GET
H3

200

main.js Show response
www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 925B
Redirect Chain

https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc384231fff48f3f3b1dc9abfdb33582715bc690987d56b2d708e48ee9a7bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRaIhwF4QfqGkK8y7USOC7JGivFFr4kbOkWPtcc306PiN%2FmEDf5Zk7gGLzXhNI3AkhAYexAUi5AQBFNfmWtxamQfzYmboTT%2BNqZ39mAuuaRncT05q5jXeu9GS56k%2FcWnn2tgEAjrYTD2KIZH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82742fb79f359b40-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7fPMndat%2FwjnW4R6SbQlPdZY37sH0FVadrEXYE9td%2BDKo9Eic6jSN%2F05hBOiJ5R%2BSv6ty69t%2BdhRTrbvQaN4BP4oDuKZyjkU%2BChruFpOe5pGUGfCurMcw%2FgfNoLXxYH%2Fps1n%2Fnc6%2FEqGRqi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82742fb78f269b40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 206 63edea581cefc.mp4
img.kookapp.cn/attachments/2023-02/16/ 1 KB
2 KB 237ms
237ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/16/63edea581cefc.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6cacd39ec719e12fd9aaf45132e4506c9a1fb0a046d590d07a69a4403627a27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=21168128-

Response headers

strict-transport-security: max-age=5184000
date: Sun, 12 Nov 2023 05:53:42 GMT
via: cache38.l2cn3071[0,0,206-0,H], cache56.l2cn3071[3,0], cache11.cn305[0,0,206-0,H], cache1.cn305[3,0]
age: 415973
x-swift-cachetime: 30999732
x-cache: HIT TCP_MEM_HIT dirn:7:425886590
Content-Range: bytes 21168128-21169651/21169652
content-disposition: attachment; filename="ç¯ç½ªä¹ç¥æ¼ç¤º.mp4"
x-swift-savetime: Mon, 13 Nov 2023 10:51:30 GMT
Content-Length: 1524
last-modified: Thu, 16 Feb 2023 08:33:28 GMT
server: Tengine
etag: "90E363425FE1A5AFAFC76076E1F5C4A9-21"
vary: Origin
ali-swift-global-savetime: 1699768422
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843955282561e

POST
H3 200 82742fa69bf9fa40 Show response
www.bbfas.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 925B 0
567 B 23ms
23ms XHR
text/plain 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/jsd/r/82742fa69bf9fa40

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 01:26:35 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GBD9hyyWhOJ90vb4h1n6XqTuYr%2F6Q4Ml0WZeOG47nTla5WqDUCPCiHKDaRr%2BSewwsBtTUEfVKq%2F6OIK91u%2Bpo1FS85JAJnBv3wwg3j5c3mgnKQ7ertpQuHVhYLMY7nviayHbSEJGu7QgUh1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82742fb85f7b9b40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 398.8c9cdbe5.js Show response
static.kookapp.cn/app/static/js/ Frame A548 186 KB
58 KB 995ms
9ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/398.8c9cdbe5.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

761e4c7a311ea44a9d4d36151a55f623799d1a5726e3069b6c0323451e96331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-2e98d"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 11007184411469245737
accept-ranges: bytes
content-length: 58938

GET
H2 200 328.55f0a8ca.js Show response
static.kookapp.cn/app/static/js/ Frame A548 2 MB
464 KB 995ms
10ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/328.55f0a8ca.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9d2ced2fdae09cd68cdcf6178aa8a2d4bce4e865d707c6e682dc224a3fa7fa6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-19df5c"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 5731961230198059856
accept-ranges: bytes
content-length: 474075

GET
H2 200 421.8c31dbaf.js Show response
static.kookapp.cn/app/static/js/ Frame A548 59 KB
14 KB 22ms
20ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/421.8c31dbaf.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

c8aeb2b43b52eb5c20d8a08e63921b137c23829d85fc4c8da5da7c8957901d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-eb5f"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 15754292921719988794
accept-ranges: bytes
content-length: 14169

GET
H2 200 830.22ca46ff.js Show response
static.kookapp.cn/app/static/js/ Frame A548 25 KB
8 KB 23ms
22ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/830.22ca46ff.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

501afd4a7a7a0012d74b874ea619603346d67d71a5faba8466e71717034d19f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-64aa"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 17749602706433642157
accept-ranges: bytes
content-length: 8145

GET
H2 200 684.3ee176c4.js Show response
static.kookapp.cn/app/static/js/ Frame A548 158 KB
45 KB 23ms
21ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/684.3ee176c4.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

3a6daeb1c4e73349347e618ef1a7ff77e6757c4f7816f7de20a30fe35c7f2a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-2792f"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 1274566351024806111
accept-ranges: bytes
content-length: 45734

GET
H2 200 283.a99f9d56.js Show response
static.kookapp.cn/app/static/js/ Frame A548 4 KB
2 KB 24ms
22ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/283.a99f9d56.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

270a0c957b22c7d2b3f40891d87512a52620ac6c0892de9c9f56a005c5778255

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-ee7"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 8247074896049622832
accept-ranges: bytes
content-length: 1488

GET
H2 200 8.6e7ec954.js Show response
static.kookapp.cn/app/static/js/ Frame A548 1018 KB
238 KB 23ms
22ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/8.6e7ec954.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7de60935a70bad157b051290409ca10bae2c5d0360122310304cc965a83418a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 27 Sep 2023 09:57:13 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "6513fc79-fe98f"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 10851567226220327619
accept-ranges: bytes
content-length: 243729

GET
H2 200 784.21c63310.js Show response
static.kookapp.cn/app/static/js/ Frame A548 3 MB
2 MB 32ms
31ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/784.21c63310.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d8a8ae4a627472bad3afd2a90b266cf261d4a98daea4ef653fd74ed543bb83ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-2f31e2"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 5300520141826548447
accept-ranges: bytes
content-length: 2258528

GET
H2 200 159.8e25f642.js Show response
static.kookapp.cn/app/static/js/ Frame A548 289 KB
69 KB 26ms
24ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/159.8e25f642.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d8cdcd1116d81f8e455e4d96e85b097be130d1c0db94935060b3783537c345ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-482c4"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 5029300428487409100
accept-ranges: bytes
content-length: 70919

GET
H2 200 widget.0eb22f85.js Show response
static.kookapp.cn/app/static/js/ Frame A548 19 KB
8 KB 30ms
29ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/js/widget.0eb22f85.js

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

f7a10097e318c412b41695d9001f6bf3f37ca3bf84e28a4b874295b82cd6196f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-4b63"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 9116084445102136934
accept-ranges: bytes
content-length: 7577

GET
H2 200 398.ed4393a9.chunk.css
static.kookapp.cn/app/static/css/ Frame A548 27 KB
5 KB 992ms
8ms Stylesheet
text/css 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/css/398.ed4393a9.chunk.css

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

3cbc5cf71a61ce9fced5dba8b4fe63ca8a4435f2cd023ded2301df2f8fe21c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-6a2f"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/css
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 10643869019873079330
accept-ranges: bytes
content-length: 4908

GET
H2 200 830.670172b4.chunk.css
static.kookapp.cn/app/static/css/ Frame A548 23 KB
5 KB 992ms
7ms Stylesheet
text/css 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/css/830.670172b4.chunk.css

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d65984021644d8ef55eee451fc6957703ee4347389de8acd38874e2fef315118

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-5d5f"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/css
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 8753346618084981873
accept-ranges: bytes
content-length: 4837

GET
H2 200 8.34ed83c0.chunk.css
static.kookapp.cn/app/static/css/ Frame A548 120 KB
44 KB 992ms
8ms Stylesheet
text/css 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/css/8.34ed83c0.chunk.css

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

8e70c23200e50316f8fec1e74e2aae129ae95d48e16a79c44627dddfc094ea99

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-1def4"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/css
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 12818585458959312232
accept-ranges: bytes
content-length: 44747

GET
H2 200 784.7b6bb9bf.chunk.css
static.kookapp.cn/app/static/css/ Frame A548 116 KB
50 KB 992ms
8ms Stylesheet
text/css 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/css/784.7b6bb9bf.chunk.css

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e6cf10ae588a4f858d7c799d4c42e121c9ba1e1f4a7b63979f78906d8d05b6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-1d00e"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/css
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 5080548927202821027
accept-ranges: bytes
content-length: 51209

GET
H2 200 widget.252e37b3.chunk.css
static.kookapp.cn/app/static/css/ Frame A548 40 KB
8 KB 993ms
9ms Stylesheet
text/css 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.kookapp.cn/app/static/css/widget.252e37b3.chunk.css

Requested by

Host: www.kookapp.cn
URL: https://www.kookapp.cn/widget?id=8682642795285297&theme=dark

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

23db5b1877fa5db2a594c770002c7856fddde3da92dea17e5a7f626b12258cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kookapp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 27 Oct 2023 14:18:48 GMT
server: Lego Server
strict-transport-security: max-age=1;
etag: "653bc6c8-a0d9"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/css
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 3157497242404803682
accept-ranges: bytes
content-length: 8404

GET
H2 206 63f912e6ee719.mp4
img.kookapp.cn/attachments/2023-02/25/ 26 KB
26 KB 193ms
192ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/25/63f912e6ee719.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

cefbe458311a8c673f57656ea460dd0b1437ae7ed1d1b5b47e437702e1020252

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=39944192-

Response headers

strict-transport-security: max-age=5184000
date: Wed, 11 Oct 2023 19:34:36 GMT
via: cache18.l2cn3137[0,0,206-0,H], cache61.l2cn3137[1,0], cache16.cn305[0,0,206-0,H], cache1.cn305[6,0]
age: 3131519
x-swift-cachetime: 28192591
x-cache: HIT TCP_MEM_HIT dirn:7:1137959079 mlen:0
Content-Range: bytes 39944192-39970924/39970925
content-disposition: attachment; filename="202302250206_x264.mp4"
x-swift-savetime: Tue, 14 Nov 2023 12:18:05 GMT
Content-Length: 26733
last-modified: Fri, 24 Feb 2023 19:41:27 GMT
server: Tengine
etag: "2ADFD7415B66CA82C23E787A7BDD72C5-39"
vary: Origin
ali-swift-global-savetime: 1697052876
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843956673039e

GET
H2 206 63edea581cefc.mp4
img.kookapp.cn/attachments/2023-02/16/ 207 KB
0 187ms
187ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/16/63edea581cefc.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=98304-

Response headers

strict-transport-security: max-age=5184000
date: Sun, 12 Nov 2023 05:53:42 GMT
via: cache38.l2cn3071[0,0,206-0,H], cache56.l2cn3071[3,0], cache11.cn305[0,0,206-0,H], cache1.cn305[7,0]
age: 415973
x-swift-cachetime: 30999732
x-cache: HIT TCP_MEM_HIT dirn:7:425886590
Content-Range: bytes 98304-21169651/21169652
content-disposition: attachment; filename="ç¯ç½ªä¹ç¥æ¼ç¤º.mp4"
x-swift-savetime: Mon, 13 Nov 2023 10:51:30 GMT
Content-Length: 21071348
last-modified: Thu, 16 Feb 2023 08:33:28 GMT
server: Tengine
etag: "90E363425FE1A5AFAFC76076E1F5C4A9-21"
vary: Origin
ali-swift-global-savetime: 1699768422
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843957763384e

GET
H2 206 63f912e6ee719.mp4
img.kookapp.cn/attachments/2023-02/25/ 175 KB
0 186ms
186ms Media
application/octet-stream 240e:bf:c800:1d00:3::3b2
CHINANET-IDC-SN C...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.kookapp.cn/attachments/2023-02/25/63f912e6ee719.mp4

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

240e:bf:c800:1d00:3::3b2 , China, ASN4835 (CHINANET-IDC-SN China Telecom Group, CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=163840-

Response headers

strict-transport-security: max-age=5184000
date: Wed, 11 Oct 2023 19:34:36 GMT
via: cache18.l2cn3137[0,0,206-0,H], cache61.l2cn3137[1,0], cache16.cn305[0,0,206-0,H], cache1.cn305[3,0]
age: 3131519
x-swift-cachetime: 28192591
x-cache: HIT TCP_MEM_HIT dirn:7:1137959079 mlen:34603008
Content-Range: bytes 163840-39970924/39970925
content-disposition: attachment; filename="202302250206_x264.mp4"
x-swift-savetime: Tue, 14 Nov 2023 12:18:05 GMT
Content-Length: 39807085
last-modified: Fri, 24 Feb 2023 19:41:27 GMT
server: Tengine
etag: "2ADFD7415B66CA82C23E787A7BDD72C5-39"
vary: Origin
ali-swift-global-savetime: 1697052876
content-type: application/octet-stream
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
eagleid: 7522281517001843958893836e

GET
BLOB 200
OK 06cbad31-86d6-4d29-a5e9-51adeba1a988
https://www.bbfas.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bbfas.com/06cbad31-86d6-4d29-a5e9-51adeba1a988
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 57ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6100294639067404&plah=www.bbfas.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6100294639067404

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a44560dfbabe92d5252f2cf14739c5783644229073e3da5c76b146cc15efbfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138527
x-xss-protection: 0
server: cafe
etag: 13142030569222344479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:36 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 61D2 9 KB
4 KB 28ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6100294639067404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FCA 674 KB
112 KB 501ms
500ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&adk=1812271804&adf=3025194257&lmt=1700184396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184396736&bpp=3&bdt=3010&idt=107&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2939426495951&frm=20&pv=2&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=126

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6100294639067404&plah=www.bbfas.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53fde292e957085cb5f668d028d3316ed7fd40bc93def47f6680d6d3646d39ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 114493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
expires: Fri, 17 Nov 2023 01:26:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55800
x-xss-protection: 0
server: cafe
etag: 15907131197518248745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B557 106 KB
40 KB 475ms
475ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b3437887b101fd7f24e4cfeb62e8deb18597d70807176a8f80869b9eed3cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
expires: Fri, 17 Nov 2023 01:26:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D382 140 KB
44 KB 415ms
414ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47e72842106bdff33b0732d62873da4dc9709cd62842076374acb6b5482413cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45046
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
expires: Fri, 17 Nov 2023 01:26:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 925B
Redirect Chain

https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

13ms
12ms

Script
application/javascript

2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81fa26962caa75a49c8cd4ae3b38677608f878125e63a705ba63f65444f50fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNfMYxmYHPMTHsbIfFVScCpCqU4MNX94NqVOwXDG2wdmYmDPwwg6JYWExansYmdmDO2JAkWoLbh%2ByEszzivOd2XiQCfyyezU6C%2F77GIPVT%2Bf12Oroi56m7XNtuiU2DKz6bHo5EJwM6tBXcG4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82742fc49b579b40-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2e6OICLOJ%2F%2FLPyvAj7NQ%2BFLBuW%2BDJ6vFx5Kl6oDvl4iBMOX1yC0kVcsglUdvOyUbvKkpqYHyRrbfmElPEKLKuFQYflC%2F%2FvDA43Z7%2BNk8Fd4qEh9W7Uq2y3IFwEP0IGtX4Wde8L9BkjJHauQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82742fc44b2d9b40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 21ms
20ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

644245f8610ceb1b0b7c633fae305b7ac847dbb3e0d9d8dd567124d073ec19a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
www.bbfas.com/wp-includes/js/ 18 KB
5 KB 302ms
301ms Script
application/javascript 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:48:07 GMT
server: cloudflare
etag: W/"6424a407-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGJqMOU7pm4QX5MToeF99GummJym0z%2Bc%2BRUWTMEdYQKGyvhVYJ01wgOdDKsOSYiTbbcBTeTmwhJDVNMlc8bVoJnUo6A7sBq4%2Ft1XqzpIxjcCPZGDcbeV7wkYvtrADNJApbNrWLtYlWANNUmq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82742fc45b359b40-FRA
expires: Fri, 17 Nov 2023 12:52:15 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 2B77 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame F374 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame EF82 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame E653 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 104ms
69ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2B77 4 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 01:18:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B77 205 B
295 B 38ms
16ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 7181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B77 604 B
920 B 37ms
15ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 266186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2B77 15 KB
7 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:42:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2B77 21 KB
9 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:53:08 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame FC3A 9 KB
4 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 21:01:41 GMT

GET
H2 200 7c8fef2b841c224dc9dd256dc808a409.js Show response
www.gstatic.com/mysidia/ Frame FC3A 42 KB
16 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 21:16:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FC3A 2 KB
903 B 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:25 GMT

GET
H2 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame FC3A 23 KB
10 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 23:43:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame FC3A 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FC3A 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FC3A 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC3A 203 KB
64 KB 73ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame FC3A 37 KB
15 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame C2B9 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 21:01:41 GMT

GET
H2 200 7c8fef2b841c224dc9dd256dc808a409.js Show response
www.gstatic.com/mysidia/ Frame C2B9 42 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 21:16:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2B9 2 KB
822 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:25 GMT

GET
H2 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame C2B9 23 KB
10 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 23:43:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C2B9 23 KB
9 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2B9 3 KB
1 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2B9 20 KB
8 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2B9 203 KB
64 KB 90ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame C2B9 37 KB
15 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E653 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA95 143 B
166 B 11ms
8ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E653 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E653 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H3 200 5725918457812857260
tpc.googlesyndication.com/simgad/ Frame E653 10 KB
10 KB 11ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5725918457812857260?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcIJdStV7mVM3Bl4njcPepZR1SHQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ad454d3a8cd1aafc3134187d4a53ddc58ba46cfdcbe0f79d626ae38658588a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:32 GMT
x-content-type-options: nosniff
age: 99185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10655
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:31:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 21:53:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E653 203 KB
64 KB 113ms
109ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E653 36 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:10 GMT

POST
H3 200 82742fa69bf9fa40 Show response
www.bbfas.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 925B 0
565 B 30ms
29ms XHR
text/plain 2606:4700:3034::6815:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbfas.com/cdn-cgi/challenge-platform/h/g/jsd/r/82742fa69bf9fa40

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:187f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
strict-transport-security: max-age=0; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP5g3kCsheHSAC0sFFCnkZS40sg2%2F%2B1vRxhsdt%2Fk9S9FLAAdCoPfgXieFmiIyXpxCESsDI6sjMWJryk4O9YWYlxRZXvoxrlp6QayZBAKLY0mLPmw5r1o1C3gfMrOxPlh9Loy6zV7N2fAZWVy"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82742fc5bbce9b40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 627B 14 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 627B 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 627B 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D3D 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 627B 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 627B 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 627B 203 KB
64 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 627B 37 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
DATA 200
OK truncated
/ Frame E653 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1ecaf362e80e2d46d76e0c46d3ff19591a89136e850fa20a664055a8c1725cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9556 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 07B0 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5a9ec9214be48dd6c96c72643c49b173ba24db65396586291026986f05c671f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MCJ6jH-KKa9chY2sEIDTbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MCJ6jH-KKa9chY2sEIDTbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
expires: Fri, 17 Nov 2023 01:26:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E653
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6oAqTMFWZaTyNaqhjuwPy-K8kALFhPGLdJP4lpmeEtu95frHJRABIODM9pIBYJXikIKgB6ABmKqOtQHIAQKpAu8CazzSMrI-qAMByAPJBKoExQFP0BOr0y6vvabv_zci05ZZd1lLTXIvQ3g...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222421827679504233804%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%222...

0
0

58ms
41ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222421827679504233804%22,%22debug_reporting%22:true,%22destination%22:%22https://gravis.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379819288%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22710893704694619329%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2421827679504233804","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"710893704694619329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:26:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2421827679504233804","debug_reporting":true,"destination":"https://gravis.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379819288"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"710893704694619329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA95
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
15ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
expires: Fri, 17 Nov 2023 01:26:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D382 2 KB
566 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:31:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D382 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D382 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D382 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D382 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D382 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwE-CnB_D8YNUjNcgVKRfPR7Fz9OvmTq6dASxw2Y0YFZArZaF7iUTBjX-o_vecKWCzo8nzJFjw3kTr9uQ_0RHNdVgocg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D382 203 KB
64 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:37 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame D382 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
DATA 200
OK truncated
/ Frame FC3A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb96ed82b53bd4ffb94b7703a44d580a64a33493d0121870a3b70d6427a758e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C2B9 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9994fd59950300417e2caeaeb412b8522597fca9945ca3d33d26756e0f869be5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 24E2 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame AA73 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C26 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 10067316823480863907
tpc.googlesyndication.com/daca_images/simgad/ Frame B557 88 KB
88 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10067316823480863907

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a557c73da7620fb6f60332feef4757a9e4c318550a406fc65073c7845ecbf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:41 GMT
x-content-type-options: nosniff
age: 100377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90308
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 14:05:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 21:33:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B557 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B557 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B557 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B557 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNAJA6noMFWpE3bSvSV0-EIVr9l33a7Kk6O5s4Fz3rb-EF7h6vpYL7AbtqHio625JVoIDltTo0zVj_AusKkJOxqpsILw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B557 203 KB
64 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:26:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B557 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:10 GMT

GET
H3 200 8188025878082105171
tpc.googlesyndication.com/gpa_images/simgad/ Frame D382 13 KB
13 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/8188025878082105171

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8145b846b5bf4933e15fb1de4e0a3e1289b924b5f991322af81eba3f4b5e9d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 07:20:53 GMT
x-content-type-options: nosniff
age: 583545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:36:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Nov 2024 07:20:53 GMT

GET
H3 200 9298600313812056818
tpc.googlesyndication.com/gpa_images/simgad/ Frame D382 8 KB
8 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9298600313812056818

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c43027e79db60dc95d355a14fbf602e755f33be6ab8262a81b616f7ffd193b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:01:27 GMT
x-content-type-options: nosniff
age: 59111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8061
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 23:39:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 09:01:27 GMT

GET
H3 200 9470263474662218337
tpc.googlesyndication.com/gpa_images/simgad/ Frame D382 10 KB
10 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9470263474662218337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f44e4133ac0d64c04c7b5efcbe8f5ba3083bbc7b6fc04eec1eec9d81824597f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 19:48:40 GMT
x-content-type-options: nosniff
age: 279478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9942
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 00:57:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Nov 2024 19:48:40 GMT

GET
H3 200 9207851692253669992
tpc.googlesyndication.com/gpa_images/simgad/ Frame D382 14 KB
14 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9207851692253669992

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

378413e38519ccd7db718eb93246e48944ba8c8a917eac6eec2d59f4f95d8fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:05:09 GMT
x-content-type-options: nosniff
age: 19289
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 23:27:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 20:05:09 GMT

GET
H3

200

767869735684485540
tpc.googlesyndication.com/simgad/ Frame D382
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA3OfPchCWARiWATIIhE7Z1rh2wT0
https://tpc.googlesyndication.com/simgad/767869735684485540

44 KB
44 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/767869735684485540

Requested by

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

939f200dce2c69c1d1efca2338bb8f1047de095bf5e289559d21f1be24bf0b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:41:47 GMT
x-content-type-options: nosniff
age: 99891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44763
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 09:31:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 21:41:47 GMT

Redirect headers

date: Thu, 16 Nov 2023 07:40:31 GMT
x-content-type-options: nosniff
server: cafe
age: 63967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/767869735684485540
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Dec 2023 07:40:31 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FC3A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CXHJETMFWZaLyNaqhjuwPy-K8kALI4OqfdPSewu6GEtrZHhABIODM9pIBYJXikIKgB6AB1_i41ynIAQmpAu8CazzSMrI-qAMByANIqgTXAU_QGYODP1v-bktTkVDoYxUAhnb6In7T_d-lSaT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212191903555390464234%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%22...

0
0

43ms
42ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212191903555390464234%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211189238871%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213616447778385964737%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12191903555390464234","debug_reporting":true,"destination":"https://amazon.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11189238871"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"13616447778385964737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:26:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12191903555390464234","debug_reporting":true,"destination":"https://amazon.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11189238871"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"13616447778385964737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C2B9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CS443TMFWZaPyNaqhjuwPy-K8kALI4OqfdPSewu6GEtrZHhABIODM9pIBYJXikIKgB6AB1_i41ynIAQmpAu8CazzSMrI-qAMByANIqgTXAU_QgGEwTC3xtalyl8w8rZIsq4XkCk2R2QX7i_t...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224805886307154570111%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%222...

0
0

43ms
43ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224805886307154570111%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211189238871%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212180478433062206609%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4805886307154570111","debug_reporting":true,"destination":"https://amazon.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11189238871"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"12180478433062206609"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:26:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4805886307154570111","debug_reporting":true,"destination":"https://amazon.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11189238871"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"12180478433062206609"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:38 GMT
expires: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
41ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/ Frame 9DBF 3 KB
1 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb83065c001b8568be3467f764da666416ca8273796acc39ef5fa7a5299fb786

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1371
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:03:41 GMT
expires: Fri, 15 Nov 2024 15:03:41 GMT
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/ Frame 6738 3 KB
1 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb83065c001b8568be3467f764da666416ca8273796acc39ef5fa7a5299fb786

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1371
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:03:41 GMT
expires: Fri, 15 Nov 2024 15:03:41 GMT
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0002 143 B
166 B 9ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 00:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC52 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9DBF 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 17 Nov 2023 19:49:55 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9DBF 34 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:17:15 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9DBF 236 KB
63 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:26:38 GMT

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/ Frame 9DBF 55 KB
12 KB 11ms
11ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3760a5b3b3cc392649d2ce2a9bf02f968e33d22a72582159dc579fa3e4fb4ac8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 15:03:41 GMT
age: 37377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:41 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 50CF 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6738 6 KB
3 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 17 Nov 2023 19:49:55 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6738 34 KB
13 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:17:15 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6738 236 KB
63 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:26:38 GMT

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/ Frame 6738 55 KB
12 KB 11ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3760a5b3b3cc392649d2ce2a9bf02f968e33d22a72582159dc579fa3e4fb4ac8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 15:03:41 GMT
age: 37377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 07B0 0
0 43ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3962616093735279&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C26
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFloN0NNcDcxUjNORDA1&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9...

170 B
232 B

19ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFloN0NNcDcxUjNORDA1&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9jQMVakT3vjW5HhS5HgZMRA-C9nn5y9uoIwtLrGTGmFnhWATSV64iwdxRO

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 01:26:37 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFloN0NNcDcxUjNORDA1&google_gid=CAESEK1AWE2_IsAHBWgQ8im3bkY&google_cver=1&google_push=AXcoOmRlAOIGIPoiMxAndy-9c-4VTBNFHOteWG-vlLk4Gr9jQMVakT3vjW5HhS5HgZMRA-C9nn5y9uoIwtLrGTGmFnhWATSV64iwdxRO
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C26
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEY8XOp4zaexZaz-s3B83Oc&google_cver=1&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1pF_PjsymsFPJgEYYw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A06334B87E2143ED93830615E7B72ECE&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1...

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A06334B87E2143ED93830615E7B72ECE&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1pF_PjsymsFPJgEYYw

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 01:26:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A06334B87E2143ED93830615E7B72ECE&google_push=AXcoOmQq5QI9xR6vRMxsIis6qJtuwjceA-6WJbqr5U9OqxJFhPiDNsqoyass_qlo0EcExLwlN5hCQqRxFcoevX1pF_PjsymsFPJgEYYw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 01:26:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9C26 70 B
149 B 107ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIyZsWN2plR2pc4DZBN257M&google_cver=1&google_push=AXcoOmSMP9psDC9RBTOnx25Pr5KFan7HJKRrawelVm-MI5Fm_MUqPIa6r_mzvlKupzXBOB63BdoXQb6wOoetwdbrAxPHR9dq7OZvafUH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9C26 0
187 B 58ms
15ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKfdW-2V_5n25xtNE6QnHW8&google_cver=1&google_push=AXcoOmSmh6F9Z2y3kEWvZXAmXMqh-QiEETQxb_rPpeqwTz2agWgqg65lHl8fv6PFUAnSIYnRL_6DGgXoehHG5CHH8iR79ynFSFWKF0kK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 17 Nov 2023 01:26:37 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C26
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIzaRUcBRVuYhQ8lLo8oRh8&google_cver=1&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbdsftlPFQuISpYDG-WYhGh_&google_hm=yXZ6VwFpSyC1wCkq...

170 B
329 B

16ms
15ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbdsftlPFQuISpYDG-WYhGh_&google_hm=yXZ6VwFpSyC1wCkqJ1XoaE0

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT-3sp7in5IDZ_p5wDcyA0pQqP6P4LKxJydR6rQcK6R5JUo9V5mTS0QW36nKbXD3FR4Gqt_KGiOvbdsftlPFQuISpYDG-WYhGh_&google_hm=yXZ6VwFpSyC1wCkqJ1XoaE0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 9C26 43 B
146 B 37ms
7ms Image
image/gif 18.197.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKsm5XZjuApj2aFwcOHG344&google_cver=1&google_push=AXcoOmTLUGiEOd5UWniopZDlqCpTViW37Aeq8uLYxJe0MaXcK9bSWwAPvoBPYAObk4HZzGKG0aU9FHgdsIxsjZSSEHeRBjk8LbyGbe7K
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1208803955&pi=t.aa~a.3343635243~rp.1&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=1&bdt=3725&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=3&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=4138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.187.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C26
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI7JXbZeKMbl1e5GCmbqWD0&google_cver=1&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSm...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSmFOTiPb-5W&google_hm=eS1CSGRLSk0xRTJwSG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSmFOTiPb-5W&google_hm=eS1CSGRLSk0xRTJwSG1oN0xJaVNoVXQ5RGczcmhBbHUxVn5B

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 01:26:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSGN-oFPaxZvrlkNQNWznxnLCHET647v_EkgzNaizDN8zUVjveY_tVmgKnZKUaeLzZscx74kSnI-aphIoSS2m0RiSmFOTiPb-5W&google_hm=eS1CSGRLSk0xRTJwSG1oN0xJaVNoVXQ5RGczcmhBbHUxVn5B
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C26 0
130 B 49ms
14ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LnnHqmu2Mx6KZ8EoCvNas_Am8ROXZ3lm-fiMZgnT3dtnyXi53um2lvsXhRVH02rdG-OstS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9556 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 18:01:04 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 956E 39 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: www.bbfas.com
URL: https://www.bbfas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CC52 0
104 B 164ms
25ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGuXMRrbHqtmIUpxpl1NlUk&google_cver=1&google_push=AXcoOmR4-l1w6bPdUm4DY2pPpNdSDewZNq5SOJWIXJA8cWq3qNiLgzD6IOhAxPDmOLw_-MyWRwaHdpv1IzHbaxNe6RbLiTZc1Yua1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CC52
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluA...

43 B
420 B

344ms
334ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82742fca9c49365c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 141
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELkmZuJSWKBhq35yOIdqr24&google_cver=1&google_push=AXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBRQhC69E8mqpu4TbrYisnxTQ90L7Nvwuq_6mqHwfngarMHmyV9SIx8qycTurGCyY-Kq4Z0ZOsDqVJxjnHIIGGqGhvluAGOlI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82742fc94b9c365c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC52
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBe0iD_KXR1O0tXaA6ooYNM&google_push=AXcoOmQuP6GkpEncZNkUygP21ANLQUkg0d8ZJbiXpG4p1MF44gvYjikQo1...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBe0iD_KXR1O0tXaA6ooYNM&google_push=AXcoOmQuP6GkpEncZNkUygP21ANLQUkg0d8ZJbiXpG4p1MF44gvYjikQo1nAkM_r7OJUaYtsZJeBBixf71ieF_qioT1pDUhA0_VLFv4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230046-FRA
pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700184398.287267,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBe0iD_KXR1O0tXaA6ooYNM&google_push=AXcoOmQuP6GkpEncZNkUygP21ANLQUkg0d8ZJbiXpG4p1MF44gvYjikQo1nAkM_r7OJUaYtsZJeBBixf71ieF_qioT1pDUhA0_VLFv4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CC52 0
173 B 43ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECfEV-qadnrBMOBucOf_1gI&google_cver=1&google_push=AXcoOmSaPu_LPmSwhlhPc2IAJbleEZW-c7_abBK3NK9DIAqh4h4O71-9ycTmC3Fj33WN1Bs2MRY40t5sZJTwbvDX63q5XhSb94_o68Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC52
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFtXW-Lsa89Dt95wcc209I8&google_cver=1&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshS...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFtXW-Lsa89Dt95wcc209I8&google_cver=1&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJs...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSSKVFIpJSInip0ivgEvjmh0mVYUJQ2SoslcOPUNkYjaqRKjeqTwZNEwwyrS_8aGEoDLBsfgqZ1PW31N_SqJ6EJshSbcSz1LQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC52
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMDeYEjI_siEmdp3pk-bOVk&google_cver=1&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfI...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMDeYEjI_siEmdp3pk-bOVk&google_cver=1&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0NzQzODA5NTc2MDUyNTkyNw&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuL...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0NzQzODA5NTc2MDUyNTkyNw&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfINnCrimFex_PqHeEbS-m8XII

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0NzQzODA5NTc2MDUyNTkyNw&google_push=AXcoOmQMdWdQJ1FW3sef033rVglzYrXVHaiU7RjzvSehHDNbfoXPLPU3jd2rYQvYkgh4QPjweMxAuLfINnCrimFex_PqHeEbS-m8XII
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame CC52
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP3NBMOcdJtS...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSyyFIaVJ7_6WVFlLCkDWQ3p_YYqansVuHKRjVnJzOl1fG1QURCgB3mOEuMCTGtQZBTa7Vl3z0naxe6dvHAUkBwJGE-neTqlFj_
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
36ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 01:26:38 GMT
pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CC52 0
49 B 20ms
13ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kje-JPI4rTkt4Mal_A3u8rQQ3svLilEYP7D_tX7omY-9r2rMIEteDBZIh0CmKpsICIcumxtw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B557 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 472c9142891d980165bf01aae7120519080e5a74530c712db92dc6fb2c263c21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0002
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:38 GMT
expires: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 01:26:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D382 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2df3fd1fb8425e870360a5dc54fa13abf7401b49dbec1c9507fa7cfff22dcfa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1_atlas_P_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/images/ Frame 6738 29 KB
29 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/images/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc466d5cc17a7be6df91ec9c93ccf5bcd90237f33b5893357a759cd381ba89c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 16 Nov 2023 15:03:45 GMT
x-content-type-options: nosniff
age: 37373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29788
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:45 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D382 20 KB
21 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 489950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 09:20:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B557
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-YivTcFWZYy7HeGRjuwP9ZySgAKC07z-c763jdGIEuLxh8T8NhABIODM9pIBYJXikIKgB6ABw7TkigPIAQKpAu8CazzSMrI-qAMByAPJBKoExgFP0Iq4cy8jdaavUNYN79wBfC9titcBzZR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217662456253965400638%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window...

0
0

43ms
42ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217662456253965400638%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827923011%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215210669027108290065%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17662456253965400638","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827923011"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"15210669027108290065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:26:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17662456253965400638","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827923011"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"15210669027108290065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1_atlas_NP_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/images/ Frame 6738 106 KB
106 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c8f75b4da563b1fab4ffd14d6332241159223f540fe39526323c025552e4fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 16 Nov 2023 15:03:52 GMT
x-content-type-options: nosniff
age: 37366
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108479
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D382
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_NjITcFWZaGBHpOfjuwPnYK_iAL6jLeFdLeipNGWEtWzhr-aPxABIODM9pIBYJXikIKgB6AB7rablQHIAQmoAwHIA8uEgIAEqgTPAU_Q-bDi6QQ7T-_RxzH7_6PcWWlzDEuJAXSbcw5_kNz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211176431157363816122%22,%22debug_reporting%22:true,%22destination%22:%22https://game-homes.com%22,%22event_report_window%2...

0
0

43ms
43ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211176431157363816122%22,%22debug_reporting%22:true,%22destination%22:%22https://game-homes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22312925038%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22734129530133882561%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11176431157363816122","debug_reporting":true,"destination":"https://game-homes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["312925038"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"734129530133882561"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:26:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11176431157363816122","debug_reporting":true,"destination":"https://game-homes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["312925038"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"734129530133882561"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1_atlas_P_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/images/ Frame 9DBF 29 KB
29 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc466d5cc17a7be6df91ec9c93ccf5bcd90237f33b5893357a759cd381ba89c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 16 Nov 2023 15:03:45 GMT
x-content-type-options: nosniff
age: 37373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29788
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:45 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 44ms
43ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame C5E7 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame FCBF 39 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6100294639067404&output=html&h=280&adk=3160827067&adf=1513711055&pi=t.aa~a.3231875439~rp.4&w=748&fwrn=4&fwrnh=100&lmt=1700184397&rafmt=1&to=qs&pwprc=8168120565&format=748x280&url=https%3A%2F%2Fwww.bbfas.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700184397451&bpp=2&bdt=3725&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2939426495951&frm=20&pv=1&ga_vid=64360418.1700184397&ga_sid=1700184397&ga_hid=1161858510&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809314%2C31078301%2C44807405%2C44807763%2C44808149%2C44808285%2C44809057%2C44809071&oid=2&pvsid=3962616093735279&tmod=1792669165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 200 CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1_atlas_NP_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/images/ Frame 9DBF 106 KB
106 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c8f75b4da563b1fab4ffd14d6332241159223f540fe39526323c025552e4fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1618863092328007585/160x600/CT0057%20Contigo%20Q4%20Campaign%20Banner%20DE%20Black%20Friday%202%20Ratings%20A%20Skyscraper%20160x600px%20v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 16 Nov 2023 15:03:52 GMT
x-content-type-options: nosniff
age: 37366
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108479
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:59:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:03:52 GMT

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6738 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:26:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DBF 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9556 0
12 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m3IVZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:26:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E653 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv9-biWD7Bj1M2KCz7VN6rXFybFpqkujeTMgJw0fz-wTwvryQTl26SE3WoyYv1UNk6DTCODfcsa-mGP4-VlKB11ba9Zs3xl9qn9Qf27CIEFtl_4qdNtgBqEx9g5lkYkeMujlPRyyisrZ74gM7Fi3JEgnJEb_1jpESXWtHSBC14&sai=AMfl-YT-CkCxMelNZhxzd7WEBzbhY_4O28OLdskLrsUQ5bKfyjUZor3us3seMoPJ2XEBk3xkgLWtUqTssr7UzLgaicpfqAkmuziyyt-7IJrKsQC4RZJ76ByYRgax55SouFmlG5fRl_ZlKVXMEaqrV4mPbi2m3aJnR1nCsT4&sig=Cg0ArKJSzC4aEVz6cG_bEAE&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=194,769,1000,1117,1117&tos=194,575,231,117,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700184397524&rpt=353&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2B9 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX5PinOd5YGXV2jE6FLlWdu3t9O0damuP9htNdT7XsfnZSlERYuSVAnduF_Gir9acOsMX7Sdw_gfFWagsD9dRkMsg_0leDjyCICOQd9xrGhIEaZXlHCV04p0gWRk-107e_P8ryeLt-mvz2WYAk26_71eq_vuatrZcl_TaKxdI&sai=AMfl-YS0Y3GRVmDe8Hbt55XhgaSbgLvABm29o4hjMd0ufsvbRXxa7JZ9A9N7m1hxukhvXt5ZfIbN7ieCcFh78ZFN3nhSqME4_r-bj_8hQAxPAhtOAEP2iUyTuKqDy5LbKbXZQB4SybofFzDso6wDls7B6Q-d-dCWGtZtONs&sig=Cg0ArKJSzMwj8qLkKBiMEAE&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700184397591&rpt=321&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC3A 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4I6B_yHUtiEok9MK3gvY6Z2NIEk8kFCLWVvAgVWI7qeu8CxudsEb2v585TkaNZfM0WlBKHEBtOQoJMhjjsF9-nvdfZBPIM1EAlES81SgkUB3VqsPHH3rXpKAxbghW_egBUQtHKRkgBOKc7eD8ZCqJqb8HK4kcFMy0UjGi5h8&sai=AMfl-YQO9lPPAQwm3WWXEbKSqKpdkKHJVL1eUWD4okYDpr6UtMO1Xl6gALI-3CDWBl3RfW_ZiAdX4S_lR1nTIBKmKn3dS1BOPaFkd7j9qBKtu-wn-kp2V-gpqySBRV403agMalwSebeH2MQu8f0PeJp6ttW0u1ULHl4bD2Y&sig=Cg0ArKJSzEDisg5gdt-OEAE&cid=CAQSTgDICaaNa87AFTiMNgBsWyErmGtLjqUFVCGgWfZPG44J2bR-QWHjoenLVcXeZPnfmjQlUnzXOrulgjHWcAtgHPIBI3mpD6-TTW30Gg3vTBgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700184397573&rpt=352&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:26:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3962616093735279&bg=!3t2l3ZLNAAZxrfrxUa07ADQBe5WfOAP0RicEyhM5_upPhX3r5O3f7N-m4la64aou6jLRDYvW1uCQ49B9_6tyuV8NVTv3AgAAAZZSAAAAA2gBBwoAnX5pLX2jP2Ye8iCTvK8v65TYCcyNsnBVFDTXyjog-8WIBNjguLl1G2wHCfYTVlSEEafhI3jm8XgFs0YxSIeFUmsVZD4Srv4U5PGSp_kXNLikcTkzE2cA6A60WAfPQyTuBviUWM5K6LnukuouqYfYrDlS3W3RCSCg1vbLuSYBkL8UiWhk-lhMzcd4bt3zu4NEFPPcjz7c9qAHdegBlSCZArRuwQ1sOVv2aE-5vh5y_1d8lxCPHWu17vM8YsZxb5uuFsjXeXlw8ekDC68hJzbZmRo7EdWI68vJ_lq8P9RzHsPLoglmb_FzJ1EmfvYViyH3h2fmPehd54rXcmRwXWLMIPv8_l52SsvqlLALJCfNQrxqKryrnP5FFRfJZuO8BNfb_1FlroYpA0Z2kzMzIj8HipHFtXWoWJV5qoyYhABalJtihRKE0CZ34T2Qhei92V6C1x2eIZ2JDticBS9fKZgKDpAQuZWfe7GphIqag97TZrYuVeh_-aCYm2qPZTBRqkBMBDIogznPHjURA0TQwfYVgJ46dBZXVZjM1Mi8AW60BhbdineGzZUaS5ZxZ78Xm1z09UAK_oVU12DJB5E_tu78f_OzpgVkIrd0vJLWWBoHsnqeB-bsUU7rCNzZOANnZgV-hj9BOL_Sp16bJuNVdQLhkP7XoncALiKDv8-Fk9p3k3i3-8CaSuBmuXJBH8uAev1vQ-LQXDx3uuCO86_c95w5brbbvD5saIr0e5_oSr2UNrZiRsfdT5P9mLMpRFbrdIH8k13hjeHEHoARixMriTwnZU7-bpyi4HibjhJTl_pkeUxXMVQ19IAmT0l42VrCRy-cQIKQUqnHuzNctccMNUauZJXc7WTNWRXP0m7Imnp0FgfWEEgGlKzSD9vb75iWdlZveSyXpnNIQ3jQxAjqcD97umvi6kRJzLkl-jx7dZSRyk37Lg0IWOyv26NnI7L8IIHXYukkm-_4CTCmIJ4Cs8E15x7up4z18yPRGfHXQPSAU2hGLUXFaLHGG7l-dLcUvp6iUJ9Rt3TckYazTj69QSlD0oOmFMjSNLZyi_3mLfi3CAjIv6khk0BjnxKobTwGsd6E2ekjzWbUjCtMu7S-J-wgtNGMjFaCculdNiJL0NbX86fZ4fXi5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bbfas.com/	1970-01-21 01:02:00	Name: cf_clearance Value: 6ioGjPP8bzJw1PwhzuugKQyhGIt5I0lVwuNcI3h_dD8-1700184397-0-1-3a83c0a2.23ec8e0f.f3786710-0.2.1700184397
.bbfas.com/	1970-01-21 01:38:00	Name: __gads Value: ID=2a15f3aed2585348:T=1700184396:RT=1700184396:S=ALNI_MbnjVmc4-wrzg-WZu1SSi7QyY_IAg
.bbfas.com/	1970-01-21 01:38:00	Name: __gpi Value: UID=00000cca2df9065f:T=1700184396:RT=1700184396:S=ALNI_MZ-ujnnV1Xmc81BbiLCpOSaqSLLqg
.doubleclick.net/	1970-01-20 16:16:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:38:00	Name: IDE Value: AHWqTUm_BjNobaLpROaDVth8CGtJA-AkGEpwX8Kr-SHnVQXNDzusoFTBAzwXpQj7V6g
.googleadservices.com/	1970-01-20 18:26:00	Name: ar_debug Value: 1
.ctnsnet.com/	1970-01-21 01:02:00	Name: cid_c9767a5701694b20b5c0292a2755e868 Value: 1
.ctnsnet.com/	1970-01-21 01:02:00	Name: gid_CAESEIzaRUcBRVuYhQ8lLo8oRh8 Value: 1
.w55c.net/	1970-01-21 01:46:38	Name: wfivefivec Value: LYh7CMp71R3ND05
.w55c.net/	1970-01-20 16:59:36	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-21 01:03:26	Name: suid Value: A06334B87E2143ED93830615E7B72ECE
.blismedia.com/	1970-01-21 01:02:04	Name: b Value: 6556C14E69471EE49AF3D29EBLIS
.yahoo.com/	1970-01-21 01:02:21	Name: A3 Value: d=AQABBE7BVmUCECGn30qlHDFyI7nVU1Jo_C4FEgEBAQESWGVgZQAAAAAA_eMAAA&S=AQAAApKgJAMf5mgEw-sSeHulueI
.adform.net/	1970-01-20 16:59:36	Name: C Value: 1
.de17a.com/	1970-01-21 00:54:48	Name: guid Value: 1.6646241176876647550
.everesttech.net/	1970-01-21 01:02:00	Name: everest_g_v2 Value: g_surferid~ZVbBTgAAMq6PLwAM
.adform.net/	1970-01-20 17:42:48	Name: uid Value: 2147438095760525927
.tribalfusion.com/	1970-01-20 18:26:00	Name: ANON_ID Value: a3ntuJM0ing9PBmSTEpS8fPRLlhZaY822XCly2cMdnI2cBy1eccSW4vgEa6ONRkfZddmUrtMfyZcRTdqhMq6QZa2oXnl

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.kookapp.cn/api/v3/badge/guild?guild_id=8682642795285297&style=2 Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
down.bbfas.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
img.kookapp.cn
kookapp.cn
match.adsrvr.org
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
s.tribalfusion.com
s0.2mdn.net
static.kookapp.cn
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bbfas.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.kookapp.cn
x.bidswitch.net
119.28.201.87
142.250.185.226
151.101.130.49
172.217.18.2
18.197.187.29
2.16.97.41
213.155.156.185
240e:bf:c800:1d00:3::3b2
2606:4700:3032::ac43:dacc
2606:4700:3034::6815:187f
2606:4700::6812:18ad
2a00:1450:4001:800::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a02:fa8:8806:16::1370
2a05:d018:d29:3605:edde:ec13:7780:210a
3.33.220.150
34.96.105.8
35.186.193.173
35.204.158.49
37.157.4.29
43.132.107.24
43.152.26.104
54.93.168.0
98.98.134.242
062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442
0a0827461d40f0655dec967065c809e6de01bed7e2b8600ac8d837a53e9d930f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
1211b5b2edee764efb0748c824277cbff59842682d42c0d50bfd4b35f880172f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
154c34e3a329c77a3bd786660d4eb8132b1d28068770c7a404e954bf4d05e7d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19ad454d3a8cd1aafc3134187d4a53ddc58ba46cfdcbe0f79d626ae38658588a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
23db5b1877fa5db2a594c770002c7856fddde3da92dea17e5a7f626b12258cf2
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
270a0c957b22c7d2b3f40891d87512a52620ac6c0892de9c9f56a005c5778255
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2c43027e79db60dc95d355a14fbf602e755f33be6ab8262a81b616f7ffd193b2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df3fd1fb8425e870360a5dc54fa13abf7401b49dbec1c9507fa7cfff22dcfa3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3760a5b3b3cc392649d2ce2a9bf02f968e33d22a72582159dc579fa3e4fb4ac8
378413e38519ccd7db718eb93246e48944ba8c8a917eac6eec2d59f4f95d8fd4
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3a6daeb1c4e73349347e618ef1a7ff77e6757c4f7816f7de20a30fe35c7f2a9a
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cbc5cf71a61ce9fced5dba8b4fe63ca8a4435f2cd023ded2301df2f8fe21c3c
3cc384231fff48f3f3b1dc9abfdb33582715bc690987d56b2d708e48ee9a7bc3
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44c8f75b4da563b1fab4ffd14d6332241159223f540fe39526323c025552e4fe
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
472c9142891d980165bf01aae7120519080e5a74530c712db92dc6fb2c263c21
47e72842106bdff33b0732d62873da4dc9709cd62842076374acb6b5482413cb
4d42abf88b944a10f8889cdf8fde97a37eef51470ca9021ea706fab884a099bc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e22e8b62bd87578230ea9106408a702886ffe8c2d01c77350f7776cc3dd5367
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
501afd4a7a7a0012d74b874ea619603346d67d71a5faba8466e71717034d19f4
53fde292e957085cb5f668d028d3316ed7fd40bc93def47f6680d6d3646d39ae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f44e4133ac0d64c04c7b5efcbe8f5ba3083bbc7b6fc04eec1eec9d81824597f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
644245f8610ceb1b0b7c633fae305b7ac847dbb3e0d9d8dd567124d073ec19a6
6cacd39ec719e12fd9aaf45132e4506c9a1fb0a046d590d07a69a4403627a27d
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6faa1bc08f0447a4b0a3ee1648f8bd24ca881addfc2ee2759edb6563c4c6472a
6fdb36f5bdbffb1e02520fff7d58e07b10d1c4fc09b398d2691f0943ae3d7e00
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
761e4c7a311ea44a9d4d36151a55f623799d1a5726e3069b6c0323451e96331a
7801a455185d39a4979203d7fbdb81abc8fffc22e2207184c20fcbaa5bacd403
7de60935a70bad157b051290409ca10bae2c5d0360122310304cc965a83418a5
8145b846b5bf4933e15fb1de4e0a3e1289b924b5f991322af81eba3f4b5e9d24
82b90d18e87a90ffd9ed8cc76f579434231525dd52171d2f51c45a30705abfbe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc
8e70c23200e50316f8fec1e74e2aae129ae95d48e16a79c44627dddfc094ea99
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
939f200dce2c69c1d1efca2338bb8f1047de095bf5e289559d21f1be24bf0b88
9994fd59950300417e2caeaeb412b8522597fca9945ca3d33d26756e0f869be5
9a557c73da7620fb6f60332feef4757a9e4c318550a406fc65073c7845ecbf92
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a
9d2ced2fdae09cd68cdcf6178aa8a2d4bce4e865d707c6e682dc224a3fa7fa6d
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a44560dfbabe92d5252f2cf14739c5783644229073e3da5c76b146cc15efbfc8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b81fa26962caa75a49c8cd4ae3b38677608f878125e63a705ba63f65444f50fd
bb96ed82b53bd4ffb94b7703a44d580a64a33493d0121870a3b70d6427a758e4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be56911b9aecc606faa7439f0dfe027667fd0c5cef74eb7ea2b0766ddf832f97
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c8aeb2b43b52eb5c20d8a08e63921b137c23829d85fc4c8da5da7c8957901d11
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cefbe458311a8c673f57656ea460dd0b1437ae7ed1d1b5b47e437702e1020252
d3b3437887b101fd7f24e4cfeb62e8deb18597d70807176a8f80869b9eed3cc9
d5a9ec9214be48dd6c96c72643c49b173ba24db65396586291026986f05c671f
d65984021644d8ef55eee451fc6957703ee4347389de8acd38874e2fef315118
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8a8ae4a627472bad3afd2a90b266cf261d4a98daea4ef653fd74ed543bb83ae
d8cdcd1116d81f8e455e4d96e85b097be130d1c0db94935060b3783537c345ab
e1ecaf362e80e2d46d76e0c46d3ff19591a89136e850fa20a664055a8c1725cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6cf10ae588a4f858d7c799d4c42e121c9ba1e1f4a7b63979f78906d8d05b6b9
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb83065c001b8568be3467f764da666416ca8273796acc39ef5fa7a5299fb786
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f7a10097e318c412b41695d9001f6bf3f37ca3bf84e28a4b874295b82cd6196f
fba567510c78e74f786a08758c04c5ea612bd27ee9c775c5fb4753e57c1df6ab
fc466d5cc17a7be6df91ec9c93ccf5bcd90237f33b5893357a759cd381ba89c4
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.bbfas.com Open in urlscan Pro 2606:4700:3034::6815:187f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

90 %HTTPS

48 %IPv6

24 Domains

32 Subdomains

23 IPs

9 Countries

5553 kBTransfer

13147 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.bbfas.com Open in urlscan Pro
2606:4700:3034::6815:187f Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

90 %
HTTPS

48 %
IPv6

24
Domains

32
Subdomains

23
IPs

9
Countries

5553 kB
Transfer

13147 kB
Size

18
Cookies

179 HTTP transactions
11 data transactions