URL: http://qooh.me/smokesalt1
Submission: On August 28 via manual from CN — Scanned from CH

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 86 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is qooh.me.
This is the only time qooh.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 15 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2620:1ec:46::42 8075 (MICROSOFT...)
3 151.101.65.108 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 20.83.192.11 8075 (MICROSOFT...)
12 185.89.210.90 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
86 14
Apex Domain (Subdomains indented) | Transfer
20 googlesyndication.com | 307 KB
    pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
    tpc.googlesyndication.com — Cisco Umbrella Rank: 155
15 adnxs.com | 89 KB
    cdn.adnxs.com — Cisco Umbrella Rank: 1761
    ams3-ib.adnxs.com — Cisco Umbrella Rank: 7114
15 bing.com | 39 KB
    www.bing.com — Cisco Umbrella Rank: 62
13 qooh.me | 88 KB
    qooh.me
10 windows.net
    adsdktelemetry-prod.servicebus.windows.net — Cisco Umbrella Rank: 29115
9 doubleclick.net | 67 KB
    googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3 googletagservices.com | 170 KB
    www.googletagservices.com — Cisco Umbrella Rank: 222
3 microsoft.com | 81 KB
    adsdk.microsoft.com — Cisco Umbrella Rank: 4680
2 google-analytics.com | 17 KB
    www.google-analytics.com — Cisco Umbrella Rank: 37
1 google.com | 1 KB
    www.google.com — Cisco Umbrella Rank: 2
1 googleadservices.com | 601 B
    partner.googleadservices.com — Cisco Umbrella Rank: 1120
86 11
Domain | Requested by
15 www.bing.com (6 redirects) | googleads.g.doubleclick.net
13 qooh.me | qooh.me
12 ams3-ib.adnxs.com | googleads.g.doubleclick.net, cdn.adnxs.com, qooh.me
11 pagead2.googlesyndication.com | qooh.me, pagead2.googlesyndication.com, tpc.googlesyndication.com, www.googletagservices.com
10 adsdktelemetry-prod.servicebus.windows.net | adsdk.microsoft.com
9 tpc.googlesyndication.com | googleads.g.doubleclick.net, qooh.me, pagead2.googlesyndication.com, tpc.googlesyndication.com
9 googleads.g.doubleclick.net | pagead2.googlesyndication.com, qooh.me, googleads.g.doubleclick.net
3 www.googletagservices.com | googleads.g.doubleclick.net, qooh.me
3 cdn.adnxs.com | googleads.g.doubleclick.net, qooh.me
3 adsdk.microsoft.com | googleads.g.doubleclick.net, qooh.me
2 www.google-analytics.com | qooh.me
1 www.google.com | tpc.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
86 13

This site contains links to these domains.

Domain
beppackaging.com
Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
adsdk.microsoft.com | Microsoft Azure TLS Issuing CA 05 | 2023-04-07 - 2024-04-01 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
servicebus.windows.net | Microsoft Azure TLS Issuing CA 06 | 2023-07-10 - 2024-06-27 | a year
r.bing.com | Microsoft RSA TLS CA 01 | 2022-11-15 - 2023-11-15 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
www.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months

This page contains 10 frames:

Primary Page: http://qooh.me/smokesalt1
Frame ID: 9CE54EBC75F73E6FC19129F34AAD7A38
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 4D33E5F64DE0E9BD41008DC2B0CC4DCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Frame ID: BC9D008C8A956DBD74781E415EA8F9E9
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Frame ID: E5DC8F5E4E6AE3F66163CA2D3FAC49AC
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508476&bpp=90&bdt=596&idt=245&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Jl2z8V6L5h&p=http%3A//qooh.me&dtd=248
Frame ID: 7F7BEE393192CAC2FAB679DE3C80A875
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1693183308&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693190508581&bpp=3&bdt=701&idt=146&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=159
Frame ID: 7E6F930D97704C44600CF6A5F8149F4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 46DD313D776652D7892C4D3E4964C907
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: BC01207A2F1754224822D11345DF3621
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4FB0588F04B77DF1BC49501D978A45E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32532C8A30E2D536014D81E54B731132
Requests: 2 HTTP requests in this frame

Page Title

Qoohme

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86 Requests
76 % HTTPS
77 % IPv6
11 Domains
13 Subdomains
14 IPs
2 Countries
859 kB Transfer
2406 kB Size
10 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 17
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=293496880&utmr=-&utmp=%2Fsmokesalt1&utmht=1693190508611&utmac=UA-23732945-1&utmcc=__utma%3D3998191.1426687138.1693190509.1693190509.1693190509.1%3B%2B__utmz%3D3998191.1693190509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=924720096&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=293496880&utmr=-&utmp=%2Fsmokesalt1&utmht=1693190508611&utmac=UA-23732945-1&utmcc=__utma%3D3998191.1426687138.1693190509.1693190509.1693190509.1%3B%2B__utmz%3D3998191.1693190509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=924720096&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 23
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2090f70-34c0-4a7c-bd60-fbf2c766446c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=907178e1-2483-46d8-8cd3-4a0360c0daba&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D14344e4fb3b74ded841acf1fe190d69e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_pyvpxpbasvezngvba&aid=4808064865794482883 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=14344e4fb3b74ded841acf1fe190d69e&SNR=1&GV=2&med=10
Request Chain 29
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b746d76-9792-4343-ae9b-e42ac16a6238&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=2d15e77d-68b4-4263-abea-420c6fc2f782&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Debc31b81b20c48898560906a756dc6db%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=8725874757640079532 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ebc31b81b20c48898560906a756dc6db&SNR=1&GV=2&med=10
Request Chain 58
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d8c746c0-dc26-459c-8054-862fdd85eb5e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b0eef4cd-53fd-46a2-8311-2beb60d34a2f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D830a223acdc644af906948fdf5a846e8%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_hzf_35&aid=4476811302585091427 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=830a223acdc644af906948fdf5a846e8&SNR=1&GV=2&med=10
Request Chain 78
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2090f70-34c0-4a7c-bd60-fbf2c766446c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=907178e1-2483-46d8-8cd3-4a0360c0daba&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D14344e4fb3b74ded841acf1fe190d69e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_pyvpxpbasvezngvba&aid=4808064865794482883 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=14344e4fb3b74ded841acf1fe190d69e&tids=15000&med=10
Request Chain 79
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b746d76-9792-4343-ae9b-e42ac16a6238&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=2d15e77d-68b4-4263-abea-420c6fc2f782&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Debc31b81b20c48898560906a756dc6db%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=8725874757640079532 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ebc31b81b20c48898560906a756dc6db&tids=15000&med=10
Request Chain 84
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d8c746c0-dc26-459c-8054-862fdd85eb5e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b0eef4cd-53fd-46a2-8311-2beb60d34a2f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D830a223acdc644af906948fdf5a846e8%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7218282&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_hzf_35&aid=4476811302585091427 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=830a223acdc644af906948fdf5a846e8&tids=15000&med=10

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request smokesalt1
qooh.me/
12 KB
4 KB
Document
General
Full URL
http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
09f700db140763a4cc46b3f8d8222ad0a0ba2ed68619e5f05190b91254b38963

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7fd9327facbb0e7b-MXP
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Aug 2023 02:41:47 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUDSgyYZiJlmLHMuDW%2B2A3XYb1VGeEKW4kYKSE5BvswCVIIRJfdSJfuxYUVyPtZRvo2aWKWPUN27kJho97BlyNZTVTirD8GkgQuh0VCuV04wweH7Z7c%2FCNLFWCum730wlZrB%2BLFS"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
alt-svc
h3=":443"; ma=86400
main.css
qooh.me/css/
51 KB
11 KB
Stylesheet
General
Full URL
http://qooh.me/css/main.css
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bd121116b457d0864b2a9c58696ae8c520868df36b3ef414ec6142872ef472

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/smokesalt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:47 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4537
Cf-Polished
origSize=64177
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-fab1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeMQtGBTg%2BAiRhpPrNCFgpyDwu%2B7961i2VlPSPfocj0tftMMQz3G1xBJVMzfbqD1yehdNKHqli0Ed1QfQez7L%2FsNqKznVxtap3eox5hda%2BQEQf7T6q4FVJ2ihByBdFahqLT10OzS"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=86400
CF-RAY
7fd93282698e0e2b-MXP
jquery-1.9.1.js
qooh.me/js/lib/
142 KB
41 KB
Script
General
Full URL
http://qooh.me/js/lib/jquery-1.9.1.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549a75e349567add1be9f64d09b384dbd223cfd24bf1968699ba905b41a8ac23

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/smokesalt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:47 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4537
Cf-Polished
origSize=268381
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-4185d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5SFACsHg6BxJcD9KTOZoPV6s5TqpixN30Wj3ZKVa22fvFKZapHZCJfEzUf5aMXO85uZ2Vo82h7xqKusWsXI1hd40ypO5tSJyb0Njt77z1Xk%2Fwj0S%2FzPWfkhBJ%2FyUfLClrEhM8rR"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=86400
CF-RAY
7fd932826b240d6d-MXP
jquery.colorbox.js
qooh.me/scripts/
29 KB
9 KB
Script
General
Full URL
http://qooh.me/scripts/jquery.colorbox.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926f4360b2abda8e3ca747d146c0d387e7f0e726e8d7781ad8369559419ca136

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/smokesalt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5a02b0a3-74e0"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AEkY5N9R5EzLCuOPrNuwZP9zF82kE917Ki0DGgk0M9YLw9iR4VLDwH7ev56%2B99bxLre9l4TX4cRpogR1Hx2q6HPV03EorSQ%2BeDGTOL17z%2FCOnCDz0cc2cO6XJEizOJxsk%2BC2RTa"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=86400
Connection
keep-alive
CF-RAY
7fd932826dfb0e56-MXP
alt-svc
h3=":443"; ma=86400
FacebookHelper.js
qooh.me/js/
4 KB
2 KB
Script
General
Full URL
http://qooh.me/js/FacebookHelper.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d3de97e09ca7befbaaae73167158ae334cc0117c61342b99448c0206e713ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/smokesalt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=5339
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-14db"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awLcm%2FlMBwFpeziTyaI2eRj1GZSEjTK%2BJZO5uVrne%2BwVan38jYTNwWS7V6DL%2BdA%2BRXRgVx9jl0PLQW0M65VqaJPb03XHQSOdLGgmakUXkWUqJoEfO012bh%2FHRojTZXyu%2FhWPjBBW"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=86400
CF-RAY
7fd9328269b5599b-MXP
show_ads.js
pagead2.googlesyndication.com/pagead/
18 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3aac2a4cb0a1e63cf8a548ae17fa034c54baa75299851cfa3608e53084ed828a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
server
cafe
etag
7777002999412379608
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:47 GMT
photo_default.png
qooh.me/images/
1 KB
2 KB
Image
General
Full URL
http://qooh.me/images/photo_default.png
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbd6dbee061c92bfef462e6c78a0596808620a1d1463d6dd713e2eecc03a418

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/smokesalt1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:47 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4536
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
1257
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
"5a02b0a3-4e9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fztqVy5YpLMCav8j%2B%2BWpZ8ULpNz6wpqJJAWP29dhRy7On7xj%2BQpD4990McxghPEr8g1txE%2FKsY6o9XW8nUTBulYU6DPVKOdeYbr6JqBAU8lNOneCxiDK2Cl9SmGsKeBFX7wlHNlv"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
7fd93282cb450d6d-MXP
bodyBg.png
qooh.me/images/
3 KB
4 KB
Image
General
Full URL
http://qooh.me/images/bodyBg.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d950567a1f8eb1adbc9fd8e16bd3a3ea0738fc1814f53582e512eff6a50c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:47 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4536
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3392
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
"5a02b0a3-d40"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1VZ549DRm%2BRD3fnJjsIT9PunLWSnLrXp2DNDCfOrDckRBMSxUHpK2C%2FS6Mwg0HKe6uYKXwwfGkzy9jenE7AuuwYOeiIMC7WEkf%2B9xbVwTMBdQifSq%2FQoObaqCo8eDUtYc1WP4dU"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
7fd93282c9b40e2b-MXP
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07ad9cc78d71edd42ca9dc388990cdfb9b391cb2ef253eba704e4b4aa3f0e3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50862
x-xss-protection
0
server
cafe
etag
10297321548220082257
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:48 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 02:20:11 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1297
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 28 Aug 2023 04:20:11 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
body-bg.png
qooh.me/images/
3 KB
4 KB
Image
General
Full URL
http://qooh.me/images/body-bg.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3154c36c867d443af5ac6bf35643ec6f144bc0548e224c25e66259767d744ea5

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-df3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0wJcf7tILqWLqh9xpfdIlpocEuhpJP6naWb9D48DKEx0EYMsu64nlWdkpUcHF7yjZQrEWIHfMMnty2Am6JAiTcZNAVaVEzZR6e%2Bm6eWZgaHJtyRGNytSSpsmpvjjKRes5MH20Dk"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fd932860f490e56-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
3571
logo.png
qooh.me/images/
5 KB
6 KB
Image
General
Full URL
http://qooh.me/images/logo.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce0cba7a42c7a59d3d7ae57bfe8fe657f2de70e27a71b37c3cba1c311e865b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-136e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Q51R%2FKlS2%2FPYwUb2je6Z5QGWkhw9Y86EbObRkAOAjgbeL7FLWRH4Y2z68cGl5ucXFx%2FUaDMLAChvTI7EYhmdv5rusLaIlVi1GNh10yn4CQdjVjRu0o63oOujL3yVof6xiZenSrf"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fd932860af3599b-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
4974
content-bg-repeat.png
qooh.me/images/
133 B
840 B
Image
General
Full URL
http://qooh.me/images/content-bg-repeat.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cef5f0feadef84070444d9a8dd634a08052ed13d5063b90f1f42bedecd84d

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-85"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCZavocIjYRiHU0mJi739u%2BP%2FshtvSVontUgT3iBwNR5FhcW5bfv19pqs1EAbkdfYGckcjlRIyAXEK3I37%2BOaTiVk65C%2FY8lFZRV1nMiEWHyL0KFhF5n5SvklB97C4eDjWikxstq"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fd932860f8f0e7b-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
133
button-grey.png
qooh.me/images/
242 B
952 B
Image
General
Full URL
http://qooh.me/images/button-grey.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4814d3116db4148ebd4a5bba756f2e6bfbfa7fd6f08f6322defab1017b028ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4537
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
242
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
"5a02b0a3-f2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgG7pjgvYrqPK0jN27cVpNAG75%2BKDxgBGa3HEQjCKbJUIkgDHvmyqa36KalnATyLXWgY80dooQptkLbL%2BlwRYPA4KGSt1xLK%2BFrgNnhLxl%2FBbgYKtmdBvkkGzrilVtw1Pj63kcoO"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
7fd932860aff0e2b-MXP
sidepanel-arrow.png
qooh.me/images/
233 B
931 B
Image
General
Full URL
http://qooh.me/images/sidepanel-arrow.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d921255f132c765306f6b28b46a5700b9e45c5a9951c38ae830aa8f19f655880

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-e9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9wqaWYXNSJwOCIKCn5OCUnymps7zm%2FNS7yZaRY98iyhtEYuU2d2epolaUXb1hedwjupuelEsA14BQqmKK6rdZAsoiA%2BJMEmQGhQEgxlPTM0rwYkKkMBbdxW5rQo%2B9W73xi6B5FB"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fd932860cac0d6d-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
233
tag-btn.png
qooh.me/images/
758 B
1 KB
Image
General
Full URL
http://qooh.me/images/tag-btn.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c06851aa6041915d2767b37507e293bd9aaedbd0c6941bc28a12f175873fcd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 02:41:48 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-2f6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVJxcRpKlcp8Y1LVR1bUL7nRqO9Sy4KR8PBXljeUxdQCGde2KRcAox4CeA%2F%2BvwNheHPwbJNkSYXArqEhjXi8vfwJgh8W8oA7DOdAxQv1DMORj%2B4CDTvEy1umNgeiaughOGKtJiEI"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7fd932862bc35a13-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
758
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/
391 KB
131 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4ba844dd416a0135d6c6d0d607b10c325222b219453edb345ff61925c097758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134441
x-xss-protection
0
server
cafe
etag
6249078116866375554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 4D33
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
55548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 11:16:00 GMT
etag
9878862242593084568
expires
Sun, 10 Sep 2023 11:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhi...
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=293496880&utmr=-&utmp=%2Fsmokesalt1&utmht=1693190508611&utmac=UA-23732945-1&utmcc=__utma%3D3998191.1426687138.1693190509.1693190509.1693190509.1%3B%2B__utmz%3D3998191.1693190509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=924720096&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1720740225&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=293496880&utmr=-&utmp=%2Fsmokesalt1&utmht=1693190508611&utmac=UA-23732945-1&utmcc=__utma%3D3998191.1426687138.1693190509.1693190509.1693190509.1%3B%2B__utmz%3D3998191.1693190509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=924720096&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
cookie.js
partner.googleadservices.com/gampad/
381 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=qooh.me&callback=_gfp_s_&client=ca-pub-1046108362436506
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35ccdc6ee26e1328c27daef63a356d4539096cf66133405877779631d14d864e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC9D
43 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19c81423816ae87ed7688232196b216f1d7e70e4f8b4fc96c987e8771ebb55eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17524
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 02:41:48 GMT
expires
Mon, 28 Aug 2023 02:41:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E5DC
43 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdb2067968321dca0231af7cb9ced31b3a321aab80db6e5fdd7c25fb3d1f9b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17241
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 02:41:48 GMT
expires
Mon, 28 Aug 2023 02:41:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F7B
436 B
432 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508476&bpp=90&bdt=596&idt=245&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=Jl2z8V6L5h&p=http%3A//qooh.me&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2231bb7c4724884581220fa09c5bf33a32dfbe35caff9b4ebda124a0df5d4003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 02:41:48 GMT
expires
Mon, 28 Aug 2023 02:41:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7E6F
82 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1693183308&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693190508581&bpp=3&bdt=701&idt=146&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0050a5561fee9212ff2d819876b55ffe41dde6cb44fd27942b453c6784e0ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
23709
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 02:41:49 GMT
expires
Mon, 28 Aug 2023 02:41:49 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c.gif
www.bing.com/aes/ Frame BC9D
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2090f70-34c0-4a7c-bd60-fbf2c766446c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=907178e1-2483-46d8...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=14344e4fb3b74ded841acf1fe190d69e&SNR=1&GV=2&med=10
0
547 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=14344e4fb3b74ded841acf1fe190d69e&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E7C420CCA54441B8B85E92606B43CCC0 Ref B: FRA31EDGE0613 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a152385d
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 065D61751CCC43EC9DBBF6701506F37C Ref B: MIL30EDGE1216 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a1523700
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=14344e4fb3b74ded841acf1fe190d69e&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame BC9D
81 KB
27 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c271c5ee7279e7b494f83ad8e04623dee1d1dfe6bce4770cb711afb5b08e4694

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 28 Aug 2023 02:41:48 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 18:23:23 GMT
x-azure-ref-originshield
0mXfrZAAAAAAPXNkNaxQ2SKB4jvZDuUsvRlJBMjMxMDUwNDE4MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
OMaSWV/4gIpQkafMEsWVAg==
etag
0x8DBA33CDF15DDE5
x-azure-ref
0bQnsZAAAAABvLhjKFgWJQIEE9BvbhruGWlJIRURHRTA2MDgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
35799c09-701e-002c-0702-d90f94000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame BC9D
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Mon, 28 Aug 2023 02:41:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4113929
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-mxp6974-MXP
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1693190509.042533,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
65, 296721
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame BC9D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame BC9D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
84383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC9D
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:49 GMT
c.gif
www.bing.com/aes/ Frame E5DC
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b746d76-9792-4343-ae9b-e42ac16a6238&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=2d15e77d-68b4-4263...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ebc31b81b20c48898560906a756dc6db&SNR=1&GV=2&med=10
0
547 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ebc31b81b20c48898560906a756dc6db&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1542AD1357BB4566886BCF42062DA24B Ref B: FRA31EDGE0508 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a152385e
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB7A1F9DB67A4F6D9D0BE7D81DAEF079 Ref B: MIL30EDGE1308 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a1523701
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ebc31b81b20c48898560906a756dc6db&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame E5DC
81 KB
27 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c271c5ee7279e7b494f83ad8e04623dee1d1dfe6bce4770cb711afb5b08e4694

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 28 Aug 2023 02:41:48 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 18:23:23 GMT
x-azure-ref-originshield
0mXfrZAAAAAAPXNkNaxQ2SKB4jvZDuUsvRlJBMjMxMDUwNDE4MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
OMaSWV/4gIpQkafMEsWVAg==
etag
0x8DBA33CDF15DDE5
x-azure-ref
0bQnsZAAAAAB7lh42VPskT5XF2ZtcozPWWlJIRURHRTA2MDgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
35799c09-701e-002c-0702-d90f94000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame E5DC
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Mon, 28 Aug 2023 02:41:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4113929
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-mxp6974-MXP
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1693190509.069701,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
65, 296722
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E5DC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E5DC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
84383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5DC
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:49 GMT
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame
0
0
Preflight
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 28 Aug 2023 02:41:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame
0
0
Preflight
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 28 Aug 2023 02:41:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame BC9D
0
0
Fetch
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
Authorization
SharedAccessSignature sr=https%3A%2F%2Fadsdktelemetry-prod.servicebus.windows.net&sig=YVRTLRh4IatV0iykgXF92i8PB3WjfqU2Y%2FeS4X7eoZA%3D&se=3890221685&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Strict-Transport-Security
max-age=31536000
Date
Mon, 28 Aug 2023 02:41:49 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame BC9D
0
0
Fetch
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
Authorization
SharedAccessSignature sr=https%3A%2F%2Fadsdktelemetry-prod.servicebus.windows.net&sig=YVRTLRh4IatV0iykgXF92i8PB3WjfqU2Y%2FeS4X7eoZA%3D&se=3890221685&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Strict-Transport-Security
max-age=31536000
Date
Mon, 28 Aug 2023 02:41:49 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame
0
0
Preflight
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 28 Aug 2023 02:41:48 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame
0
0
Preflight
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 28 Aug 2023 02:41:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame BC9D
0
0
Fetch
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
Authorization
SharedAccessSignature sr=https%3A%2F%2Fadsdktelemetry-prod.servicebus.windows.net&sig=YVRTLRh4IatV0iykgXF92i8PB3WjfqU2Y%2FeS4X7eoZA%3D&se=3890221685&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Strict-Transport-Security
max-age=31536000
Date
Mon, 28 Aug 2023 02:41:49 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame BC9D
0
0
Fetch
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
Authorization
SharedAccessSignature sr=https%3A%2F%2Fadsdktelemetry-prod.servicebus.windows.net&sig=YVRTLRh4IatV0iykgXF92i8PB3WjfqU2Y%2FeS4X7eoZA%3D&se=3890221685&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Strict-Transport-Security
max-age=31536000
Date
Mon, 28 Aug 2023 02:41:49 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
th
www.bing.com/ Frame BC9D
9 KB
10 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7284298905751_1BZ20M3Q9O6SF8XGZ9&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32e9da50cd84d45e29b02f30e60abeb0dee47c8d761ef0d692f000171b7299b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.92a12417.1693190509.a15237ea
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
9623
alt-svc
h3=":443"; ma=93600
th
www.bing.com/ Frame E5DC
13 KB
14 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.10239313558904_16SY21J1QXQ6ZM2DB&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e09a302c84c19a3cf99db9d7afc9f6c48a3d05b0de574082a886a1048bb55fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.92a12417.1693190509.a15237f7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
13718
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame E5DC
0
531 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QLyA-jyAQAAAwDWAAUBCOySsKcGEKyRvZ3Em6KMeRgAKjYJidY-BJlnsz8RONW33ZHSsj8ZAAAAgD0K8z8hOA0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR40vIFgAEBigEDVVNEkgUG8NeYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWxzsjbjq_i4i7ABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBcH6GfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9LyBdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=f54b115c9172761b50aaea733c472a9c9de8d955&bdref=http%3A%2F%2Fqooh.me%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fqooh.me%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1046108362436506%26output%3Dhtml%26h%3D600%26slotname%3D7328249135%26adk%3D1396144952%26adf%3D3041635956%26pi%3Dt.ma~as.7328249135%26w%3D160%26lmt%3D1693183308%26url%3Dhttp%253A%252F%252Fqooh.me%252Fsmokesalt1%26wgl%3D1%26dt%3D1693190508475%26bpp%3D91%26bdt%3D596%26idt%3D241%26shv%3Dr20230823%26mjsv%3Dm202308220101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26prev_slotnames%3D3666114337%26correlator%3D5874304947353%26frm%3D20%26pv%3D1%26ga_vid%3D1080808763.1693190509%26ga_sid%3D1693190509%26ga_hid%3D293496880%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1003%26ady%3D413%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31077328%252C44800952%26oid%3D2%26pvsid%3D1370072923686911%26tmod%3D272662950%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D5sI36IGQGN%26p%3Dhttp%253A%2F%2Fqooh.me%26dtd%3D244&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
91765923-b4b0-433d-9335-1d7fcd63dd17
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rd_log
ams3-ib.adnxs.com/ Frame BC9D
0
529 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QLyA-jyAQAAAwDWAAUBCOySsKcGEMPF3fXWsOvcQhgAKjYJKYoAFKwfsj8RiXFSZXuUsT8ZAAAAgD0K8z8hiQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43_YFgAEBigEDVVNEkgUG8NeYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXiv_DD863P6jrABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBZHZRvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9_2BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=67ea2d49812c6d38cc780ec5cfc41e5b299a25cf&bdref=http%3A%2F%2Fqooh.me%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fqooh.me%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1046108362436506%26output%3Dhtml%26h%3D90%26slotname%3D3666114337%26adk%3D1608794313%26adf%3D532506735%26pi%3Dt.ma~as.3666114337%26w%3D728%26lmt%3D1693183308%26url%3Dhttp%253A%252F%252Fqooh.me%252Fsmokesalt1%26wgl%3D1%26dt%3D1693190508472%26bpp%3D93%26bdt%3D592%26idt%3D218%26shv%3Dr20230823%26mjsv%3Dm202308220101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26correlator%3D5874304947353%26frm%3D20%26pv%3D2%26ga_vid%3D1080808763.1693190509%26ga_sid%3D1693190509%26ga_hid%3D293496880%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D436%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31077328%252C44800952%26oid%3D2%26pvsid%3D1370072923686911%26tmod%3D272662950%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DiietcylNko%26p%3Dhttp%253A%2F%2Fqooh.me%26dtd%3D236&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
439350db-7fdb-4e00-b885-fec4ca4aeca1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acf2b6824de1a6e8dadb0a181f81186a135e3de891194a2a991d48409ac05aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53632
x-xss-protection
0
server
cafe
etag
4624192093613525876
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:49 GMT
truncated
/ Frame E5DC
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a13c36bf5942cc171b4d3e6a929db73bafab5abfc1ae0a1f1f328114d4a84a96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame E5DC
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKKB-iKAwAAAwDWAAUBCOySsKcGEKyRvZ3Em6KMeRgAKjYJidY-BJlnsz8RONW33ZHSsj8ZAAAAgD0K8z8hOA0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR40vIFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5cDCq0CAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmQxNWU3N2QtNjhiNC00MjYzLWFiZWEtNDIwYzZmYzJmNzgyJmNtRXhwSWQ9TFYyJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4NzI1ODc0NzU3NjQwMDc5NTMyIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUTBOVFkzTnpZNU56Z3lNRE1qTWpNek5qSTFOakExTVRFMU5URTBNQT09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFsc7I246v4uIuwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfoZ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCTUZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9LyBdIHDQkRKAEmDNoHBggFCXjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG&s=de4abe763815bcd27ed0dbe982b1136fe803a2b1&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=160&sid=9000377341435072069&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
63d4d149-9b61-4861-a0cd-afd1076399b6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BC9D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f2f98d28b413b6f8bf9481ddc6bd52a3125537a39f075c96eea03cee67d6b7c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame BC9D
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKOB-iOAwAAAwDWAAUBCOySsKcGEMPF3fXWsOvcQhgAKjYJKYoAFKwfsj8RiXFSZXuUsT8ZAAAAgD0K8z8hiQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43_YFgAEBigEDVVNEkgUG8ECYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEJMS1xb29oLm1l2ALwBuACoqgx6gIZaHR0cDovLw0a8Jovc21va2VzYWx0MYADAIgDAZADAJgDCaADAaoDnAMKsgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05MDcxNzhlMS0yNDgzLTQ2ZDgtOGNkMy00YTAzNjBjMGRhYmEmY21FeHBJZD1MVjMmb0FkVW5pdBFFVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgg5MDeGWgC4cnR5cGU9bnVybCZ0YWdJZD03MjE4MjgyJnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wTF9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4MDgwNjQ4NjU3OTQ0ODI4ODMiCTM4MTg0NjcxNCoEIU_wgTo4VTJWaGNtTm9RV1FqTnpFNE1USXdPVEF6TURReE1UQWpNak15TXpZeE1UWTJOekV5TkRnek5RPT3AA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBa1iIBQGYBQCgBeK_8MPzrc_qOsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFkdlG-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAff9gXSBw0VZQEmCNoHBgFegBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=9c1f58c8e4fe4f8cc4e1116e9cafff0e278baf1b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=9000377341435072069&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
68280b2e-98cf-47f3-a3f2-8f4935d22826
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 46DD
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
52563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 12:05:46 GMT
etag
9878862242593084568
expires
Sun, 10 Sep 2023 12:05:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame BC01
81 KB
27 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c271c5ee7279e7b494f83ad8e04623dee1d1dfe6bce4770cb711afb5b08e4694

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 18:23:23 GMT
x-azure-ref-originshield
0mXfrZAAAAAAPXNkNaxQ2SKB4jvZDuUsvRlJBMjMxMDUwNDE4MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
OMaSWV/4gIpQkafMEsWVAg==
etag
0x8DBA33CDF15DDE5
x-azure-ref
0bQnsZAAAAACnpQDEqSzdQqt23SnBZkrWWlJIRURHRTA2MDgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
35799c09-701e-002c-0702-d90f94000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame BC01
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Mon, 28 Aug 2023 02:41:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4113929
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-mxp6974-MXP
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1693190509.404763,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
65, 296723
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame BC01
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
46343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame BC01
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
84383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC01
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:41:49 GMT
c.gif
www.bing.com/aes/ Frame BC01
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d8c746c0-dc26-459c-8054-862fdd85eb5e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b0eef4cd-53fd-46a2...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=830a223acdc644af906948fdf5a846e8&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=830a223acdc644af906948fdf5a846e8&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B1CF9DF988A44999A190474C4184DC1D Ref B: FRA31EDGE0510 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a1523a07
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77F75B244673479488A89BDC3FDECBAA Ref B: MIL30EDGE0906 Ref C: 2023-08-28T02:41:49Z
x-cdn-traceid
0.92a12417.1693190509.a152396d
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=830a223acdc644af906948fdf5a846e8&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
th
www.bing.com/ Frame BC01
12 KB
12 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.10239268553741_1N3808VR71KQ3ZXUA&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ce992d47fae77666b12d6ac1bb544e753dc52ea393b801c10719cf8d90e1e0cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.92a12417.1693190509.a1523995
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12462
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame BC01
0
528 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QLxA-jxAQAAAwDWAAUBCOySsKcGEOOKp8iRhbWQPhgAKjYJ9rTvYDL6uT8RVTwH3rAyuT8ZAAAAgD0K8z8hVQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4uvUFgAEBigEDVVNEkgUG8NeYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWq8Lv5263n8AXABQDJBQAAAAAAAPA_0gUJCQAAAAABDmzYBQHgBQHwBcA2-gUECAAQAJAGAJgGALgGAMEGASA0AADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuvUF0gcNCREoGBAAGADaBwYBXoAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AY.&s=2cd335545ee30f9dd27114691d31d65eb58babf0&bdref=http%3A%2F%2Fqooh.me%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fqooh.me%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230823%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1046108362436506%26fa%3D4%26ifi%3D5%26uci%3Da!5%26xpc%3DiCbaEWiaHH%26p%3Dhttp%253A%2F%2Fqooh.me,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230823%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
eaf16ae1-1e09-48e6-98c5-4a6b01256a6e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame BC01
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKDB-iDAwAAAwDWAAUBCOySsKcGEOOKp8iRhbWQPhgAKjYJ9rTvYDL6uT8RVTwH3rAyuT8ZAAAAgD0K8z8hVQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4uvUFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5EDCqcCAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjBlZWY0Y2QtNTNmZC00NmEyLTgzMTEtMmJlYjYwZDM0YTJmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AYo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9oemZfMzUmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NDc2ODExMzAyNTg1MDkxNDI3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EVXdNRFkxTWpZM016STBNelFqTWpNek5qZ3dOVGd3Tmprek5qVTRNdz09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqvC7-dut5_AFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwDb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAET14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuvUF0gcNCREnHBAAGADaBwYIBQl44AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=0b8ef10bf5e7ed34904d0ce5c915fabf982639e5&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=9000377341435072069&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
f5ff46b0-7333-4730-a249-e61b37dcfca6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BC01
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cab935e2d4165e8809d69ecf0c1601663153bb28fe62476279615bdcf5474a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame BC01
0
23 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmJVibAnsZOnkLu3E7_UPgOGvwAPS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKUBT9BuF6QiZyVtW-5Xh3WlbQsamGdOH-d4dpQR-cDEZze1sBVUyXj4zGHB66L0BZCwJI_PPhSurAO0_TXafK6zrgQkDwreJHM03c6KVIQqwxIo-KzQJg26DVKrtNdnskS_gbM8sepsfnD3SDgqvGDixt6itSqTk2enq_DHtn6-7Is9JUf9zJFtfCuGqNA0eU5Ko9w5UwSixXFxreu9yT-YvG1KX3lGgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMDQ2MTA4MzYyNDM2NTA2GAA&sigh=4qxTrRQm8ys&uach_m=[UACH]&cid=CAQSGwBpAlJW7lxm_iTzVjDGErltwYTzKMWC388QahgB&cbvp=2&vis=1
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Aug 2023 02:41:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 28 Aug 2023 02:41:49 GMT
it
ams3-ib.adnxs.com/ Frame BC01
0
529 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKDB-iDAwAAAwDWAAUBCOySsKcGEOOKp8iRhbWQPhgAKjYJ9rTvYDL6uT8RVTwH3rAyuT8ZAAAAgD0K8z8hVQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4uvUFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5EDCqcCAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjBlZWY0Y2QtNTNmZC00NmEyLTgzMTEtMmJlYjYwZDM0YTJmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AYo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9oemZfMzUmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NDc2ODExMzAyNTg1MDkxNDI3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EVXdNRFkxTWpZM016STBNelFqTWpNek5qZ3dOVGd3Tmprek5qVTRNdz09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqvC7-dut5_AFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwDb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAET14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuvUF0gcNCREnHBAAGADaBwYIBQl44AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=0b8ef10bf5e7ed34904d0ce5c915fabf982639e5&pp=ZOwJbAALsmkIu-JtAAvwgD9d5EO0DnoQXhZYig&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_zcdbAnsZOnkLu3E7_UPgOGvwAPS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKgBT9BuF6QiZyVtW-5Xh3WlbQsamGdOH-d4dpQR-cDEZze1sBVUyXj4zGHB66L0BZCwJI_PPhSurAO0_TXafK6zrgQkDwreJHM03c6KVIQqwxIo-KzQJg26DVKrtNdnskS_gbM8sepsfnD3SDgqvGDixt6itSqTk2enq_DHtn6-7Mk_BNU_aGsA6NHyHU5t_fhOgNa9Wiq6HNP39G8BSRW0pK3LvRTSSQfkgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_29wFn1SIZ4Uyzjd6pVsLSu7-sfnQ%26client%3Dca-pub-1046108362436506%26adurl%3D&cbvp=2
Requested by
Host: qooh.me
URL: http://qooh.me/smokesalt1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
0923b5a7-4bc4-4578-a344-7a16dfc86506
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BC9D
0
23 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRn5ybAnsZN-GLZbd7_UPsomdsAzS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKQBT9DkWGfs-7QDjl3TOHCM95KCkphce8_og2tSdmKibIEdIMhJBekkk-vyGGxbs8xw2fQmDWf1xZ8r1fwIxSyfHu68yCFan8wx9ZLP6zMTcDrkFJTdDOK0Ow08P7f29VPPN6BWC40lrZg5_mMkj_ZCtymn-xQJX9BBFICAoL90JZO9tgdkjVuHuYhq3amWlgZAZZsVtTXshflH4tYiJKH7VqPlue2ABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTEwNDYxMDgzNjI0MzY1MDYYAA&sigh=FQn6EMrwONA&uach_m=[UACH]&cid=CAQSGwBpAlJWpUWdjFm2WXPXuQCgfUA76rOz5yw39xgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Aug 2023 02:41:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 28 Aug 2023 02:41:49 GMT
it
ams3-ib.adnxs.com/ Frame BC9D
0
529 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKOB-iOAwAAAwDWAAUBCOySsKcGEMPF3fXWsOvcQhgAKjYJKYoAFKwfsj8RiXFSZXuUsT8ZAAAAgD0K8z8hiQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43_YFgAEBigEDVVNEkgUG8ECYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEJMS1xb29oLm1l2ALwBuACoqgx6gIZaHR0cDovLw0a8Jovc21va2VzYWx0MYADAIgDAZADAJgDCaADAaoDnAMKsgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05MDcxNzhlMS0yNDgzLTQ2ZDgtOGNkMy00YTAzNjBjMGRhYmEmY21FeHBJZD1MVjMmb0FkVW5pdBFFVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgg5MDeGWgC4cnR5cGU9bnVybCZ0YWdJZD03MjE4MjgyJnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wTF9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4MDgwNjQ4NjU3OTQ0ODI4ODMiCTM4MTg0NjcxNCoEIU_wgTo4VTJWaGNtTm9RV1FqTnpFNE1USXdPVEF6TURReE1UQWpNak15TXpZeE1UWTJOekV5TkRnek5RPT3AA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBa1iIBQGYBQCgBeK_8MPzrc_qOsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFkdlG-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAff9gXSBw0VZQEmCNoHBgFegBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=9c1f58c8e4fe4f8cc4e1116e9cafff0e278baf1b&pp=ZOwJbAALQ18Iu-6WAAdEss3VxFq1hqgE-Mgumw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb3HfbAnsZN-GLZbd7_UPsomdsAzS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKcBT9DkWGfs-7QDjl3TOHCM95KCkphce8_og2tSdmKibIEdIMhJBekkk-vyGGxbs8xw2fQmDWf1xZ8r1fwIxSyfHu68yCFan8wx9ZLP6zMTcDrkFJTdDOK0Ow08P7f29VPPN6BWC40lrZg5_mMkj_ZCtymn-xQJX9BBFICAoL90Z5GcJMXAdzYTQ_zfQ_ASIAJjbx8cmy01J38eZmqiDo3jliIH1Hlf3SeABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1SJgtA5GUpwZu3B-UXRXVA1IYhbQ%26client%3Dca-pub-1046108362436506%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508472&bpp=93&bdt=592&idt=218&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&correlator=5874304947353&frm=20&pv=2&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iietcylNko&p=http%3A//qooh.me&dtd=236
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
3afbce47-d74d-44bf-9bad-7c003722e438
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E5DC
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFi22bAnsZKS0LZHR7_UPmM2ssATS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKUBT9CN0Ot0VIuynU4lghf6xHGzuI_IkyNUOJUZa8S3hTR748PfHupx0lQLAW8mfvBRyH99cC6y483E0wnm3yyDWbBBDO3gjAjClY3Bq9U4T46S2lRpgoM25Qzl6dcz6AObrF6zHIEQ-oah5tRQ8gCDcuI8yC1HIsmaVYyRpnA-ZSwS7Sir5NTOAOrkY9DAbLT09YbP9t7JepIO3wz47NTjVi7bWzrDgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMDQ2MTA4MzYyNDM2NTA2GAA&sigh=LEVi-TbPEVo&uach_m=[UACH]&cid=CAQSGwBpAlJWBiWdu4dfFljyDcQ-Ok8E9RTPcyyU8RgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Aug 2023 02:41:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame E5DC
0
529 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKKB-iKAwAAAwDWAAUBCOySsKcGEKyRvZ3Em6KMeRgAKjYJidY-BJlnsz8RONW33ZHSsj8ZAAAAgD0K8z8hOA0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR40vIFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5cDCq0CAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmQxNWU3N2QtNjhiNC00MjYzLWFiZWEtNDIwYzZmYzJmNzgyJmNtRXhwSWQ9TFYyJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4NzI1ODc0NzU3NjQwMDc5NTMyIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUTBOVFkzTnpZNU56Z3lNRE1qTWpNek5qSTFOakExTVRFMU5URTBNQT09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFsc7I246v4uIuwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfoZ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCTUZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9LyBdIHDQkRKAEmDNoHBggFCXjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG&s=de4abe763815bcd27ed0dbe982b1136fe803a2b1&pp=ZOwJbAALWiQIu-iRAAsmmIq7x0sfLnNdHqCTMA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8iKKbAnsZKS0LZHR7_UPmM2ssATS4Nfgbo-ktpOTCsCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBKgBT9CN0Ot0VIuynU4lghf6xHGzuI_IkyNUOJUZa8S3hTR748PfHupx0lQLAW8mfvBRyH99cC6y483E0wnm3yyDWbBBDO3gjAjClY3Bq9U4T46S2lRpgoM25Qzl6dcz6AObrF6zHIEQ-oah5tRQ8gCDcuI8yC1HIsmaVYyRpnA-ZW4QzLppQC6jlBCQ1k6Z6ALw1oxL__DRozCIhohEbP7PTu5auVdXZq0qgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Op68ToboBp3wtp6sGc6jCUUM8Lg%26client%3Dca-pub-1046108362436506%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1693183308&url=http%3A%2F%2Fqooh.me%2Fsmokesalt1&wgl=1&dt=1693190508475&bpp=91&bdt=596&idt=241&shv=r20230823&mjsv=m202308220101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=5874304947353&frm=20&pv=1&ga_vid=1080808763.1693190509&ga_sid=1693190509&ga_hid=293496880&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077328%2C44800952&oid=2&pvsid=1370072923686911&tmod=272662950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=5sI36IGQGN&p=http%3A//qooh.me&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:49 GMT
an-x-request-uuid
1035f3ea-6b29-4f9f-929e-bb8a875d1a1c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79dc479e831374a5522283e6d06a58af60e75591b2959bece5eb6b4e5f80f41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11665
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 02:41:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4FB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 20:33:34 GMT
expires
Mon, 26 Aug 2024 20:33:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3253
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02f22ecb272890a633dabec7a1e4c23c6ec8e7af29a2ca66447952a60966d53e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NBalDX9XUK0kL3aLaeC3_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-NBalDX9XUK0kL3aLaeC3_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 02:41:49 GMT
expires
Mon, 28 Aug 2023 02:41:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
pagead2.googlesyndication.com/bg/ Frame F4FB
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
114080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14626
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Aug 2024 19:00:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3253
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=1370072923686911&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F4FB
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?jvXpKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 02:41:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame
0
0
Preflight
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 28 Aug 2023 02:41:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
adsdktelemetry-prod.servicebus.windows.net/telemetry/ Frame BC9D
0
0
Fetch
General
Full URL
https://adsdktelemetry-prod.servicebus.windows.net/telemetry/messages
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.83.192.11 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
Authorization
SharedAccessSignature sr=https%3A%2F%2Fadsdktelemetry-prod.servicebus.windows.net&sig=YVRTLRh4IatV0iykgXF92i8PB3WjfqU2Y%2FeS4X7eoZA%3D&se=3890221685&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Strict-Transport-Security
max-age=31536000
Date
Mon, 28 Aug 2023 02:41:49 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
c.gif
www.bing.com/aes/ Frame BC9D
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c2090f70-34c0-4a7c-bd60-fbf2c766446c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=907178e1-2483-46d8...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=14344e4fb3b74ded841acf1fe190d69e&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=14344e4fb3b74ded841acf1fe190d69e&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 067262670A384E8D8AE2A7FF012477CC Ref B: FRA31EDGE0710 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a1523f14
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CC598270FA22479D91F5FB6BC6376629 Ref B: MIL30EDGE1309 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a1523eab
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=14344e4fb3b74ded841acf1fe190d69e&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
c.gif
www.bing.com/aes/ Frame E5DC
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4b746d76-9792-4343-ae9b-e42ac16a6238&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=2d15e77d-68b4-4263...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ebc31b81b20c48898560906a756dc6db&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ebc31b81b20c48898560906a756dc6db&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CC3E570A42814CA6A897BFD1668CC8E8 Ref B: FRAEDGE1821 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a1523f2b
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 26B8FD0074D947D1B9D0C57C56BDB72E Ref B: MIL30EDGE1218 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a1523eb5
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ebc31b81b20c48898560906a756dc6db&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
ams3-ib.adnxs.com/ Frame E5DC
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKKB-iKAwAAAwDWAAUBCOySsKcGEKyRvZ3Em6KMeRgAKjYJidY-BJlnsz8RONW33ZHSsj8ZAAAAgD0K8z8hOA0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR40vIFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5cDCq0CAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MmQxNWU3N2QtNjhiNC00MjYzLWFiZWEtNDIwYzZmYzJmNzgyJmNtRXhwSWQ9TFYyJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4NzI1ODc0NzU3NjQwMDc5NTMyIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUTBOVFkzTnpZNU56Z3lNRE1qTWpNek5qSTFOakExTVRFMU5URTBNQT09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFsc7I246v4uIuwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfoZ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCTUZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9LyBdIHDQkRKAEmDNoHBggFCXjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACPAG&s=de4abe763815bcd27ed0dbe982b1136fe803a2b1&type=pv&jm=1003&px=0&py=0&bw=160&bh=160&sf=1&sid=9000377341435072069&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
an-x-request-uuid
2b2a47c7-68b1-4111-8a40-416f487b71d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame BC9D
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKOB-iOAwAAAwDWAAUBCOySsKcGEMPF3fXWsOvcQhgAKjYJKYoAFKwfsj8RiXFSZXuUsT8ZAAAAgD0K8z8hiQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR43_YFgAEBigEDVVNEkgUG8ECYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEJMS1xb29oLm1l2ALwBuACoqgx6gIZaHR0cDovLw0a8Jovc21va2VzYWx0MYADAIgDAZADAJgDCaADAaoDnAMKsgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05MDcxNzhlMS0yNDgzLTQ2ZDgtOGNkMy00YTAzNjBjMGRhYmEmY21FeHBJZD1MVjMmb0FkVW5pdBFFVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgg5MDeGWgC4cnR5cGU9bnVybCZ0YWdJZD03MjE4MjgyJnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wTF9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4MDgwNjQ4NjU3OTQ0ODI4ODMiCTM4MTg0NjcxNCoEIU_wgTo4VTJWaGNtTm9RV1FqTnpFNE1USXdPVEF6TURReE1UQWpNak15TXpZeE1UWTJOekV5TkRnek5RPT3AA9gEyAMA2AOZ6jrgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBa1iIBQGYBQCgBeK_8MPzrc_qOsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFkdlG-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAff9gXSBw0VZQEmCNoHBgFegBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=9c1f58c8e4fe4f8cc4e1116e9cafff0e278baf1b&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=9000377341435072069&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
an-x-request-uuid
d2d79505-768f-4fda-9edc-07619a20290e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=1370072923686911&bg=!ubqluvXNAAYkVgHwBFY7ADQBe5WfOBmyUDQL7-IUQm7yIZtTvbG6idGOJoqHzjMbevYoX6DVw8e24eAVEeNz3Vke2MYVAgAAAFJSAAAABWgBB5kCuBDe5eVOwHA6Te0a6KmPu0G2y1DmuQ2qlocHypThpiagNHM_1gc_mXcpAhC6RtG3mcdRVCxZNLBXDBM4Nw0eqxwXcgISO0JNuHmJ3I6q2DeTDGTlJV9hOXQUl6Mk3YXUtNyu5sXS3AxcO5NdluQw5J383_B7jovN6zHXV8dRk-8Ds2ZL45pGkKxDOyCpHq4hdHQBqN1qvdCrKm9AYzDj-blZq3-ReZMY-t4TxmE7MRNpMlhUOLLv8UsxgN-t7KAl0jecE_qL8-uz_nIBrrbX88E1w2dbo3NsUWVhsMyn7Tef0f4Wj07D4nEPR8OGBah7IPeqswP2YU3LInIRBLiClLvLWjjxhg4jB8qLiTzfe-_hHiP9XTaF9FPXDWz6ct_FXGJ3ZtQyAah1zUQGCmbUL0PaVkZeby4hCkv5RCwb_e_8KUShpyQayRW1Fa4ENzknI4fGYbjen58dRQgGaOs28ku2aOgXBEfnlVB-YcoT5h7VTtzvZzrhReHC9B7xK57VXIEEVMMajeJFrvcTOFjTJxFrDppGtXiBKrvd05Tpfs6kBzgKOjjAk8pU9hycFpHuDgfvC80MyC1BYMv9u1eKHTy54O3UqzUcGF9HphRRju__1EXOFbfGzFVP62pxFNktpGTE3fMkNPgvi_h6NAdT_60o9nnobFWok48Fr1sXCNvTuzG0HVWWKD0Mpf9iclxs4LeJtx1s6FYj_IKfcDF__q1FR0n2YWDv9a9oCW0-fPgYUFdn3wa06Gtj4BjwO_mm-Tr3wy4-7o6M0nEPBXmjtlx6uU6pkXKssOM-JZHWLsYHo3Ofd368W95WALSSfYK1eA-PxYbiRZ0mULAHuOIB6NlknYf0vwJnM4YDN9grJFeqohBKsdRZpU4ogaauCgtk6AAA4orGulavX0Xre3hTkHI--_nbfLhk1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vevent
ams3-ib.adnxs.com/ Frame BC01
0
553 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fqooh.me%2Fsmokesalt1&e=wqT_3QKDB-iDAwAAAwDWAAUBCOySsKcGEOOKp8iRhbWQPhgAKjYJ9rTvYDL6uT8RVTwH3rAyuT8ZAAAAgD0K8z8hVQ0SACkRJNAxAAAAoJmZqT8w6si4Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4uvUFgAEBigEDVVNEkgUG8GmYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBCTEtcW9vaC5tZdgC8AbgAqKoMeoCGWh0dHA6Ly9xb29oLm1lL3Ntb2tlc2FsdDGAAwCIAwGQAwCYAwmgAwGqA5EDCqcCAS_wcXM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjBlZWY0Y2QtNTNmZC00NmEyLTgzMTEtMmJlYjYwZDM0YTJmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AYo5aALhydHlwZT1udXJsJnRhZ0lkPTcyMTgyODImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_QqAV9oemZfMzUmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NDc2ODExMzAyNTg1MDkxNDI3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EVXdNRFkxTWpZM016STBNelFqTWpNek5qZ3dOVGd3Tmprek5qVTRNdz09wAPYBMgDANgDmeo64AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqvC7-dut5_AFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwDb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAET14ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuvUF0gcNCREnHBAAGADaBwYIBQl44AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBg..&s=0b8ef10bf5e7ed34904d0ce5c915fabf982639e5&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=9000377341435072069&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7218282&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
an-x-request-uuid
beec7175-168b-478d-8f37-b7007ace53bb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame BC01
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d8c746c0-dc26-459c-8054-862fdd85eb5e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b0eef4cd-53fd-46a2...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=830a223acdc644af906948fdf5a846e8&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=830a223acdc644af906948fdf5a846e8&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C886ED787FF747D5A9862D49FBF930A5 Ref B: FRA31EDGE0711 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a15241c4
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 28 Aug 2023 02:41:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1F8B9006AB73465E8E111D42092018DE Ref B: MIL30EDGE1517 Ref C: 2023-08-28T02:41:50Z
x-cdn-traceid
0.92a12417.1693190510.a15240c5
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=830a223acdc644af906948fdf5a846e8&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame BC01
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWkdnCmvRDHA-XEuLcw9Jj80W0-98Wx6QC90jMF3NwntRdUXj6_veqvYMFPQe2xfg2ZH64fNxM5byrITJ4ceBxca1efHMfDA3GIEZy&sig=Cg0ArKJSzKibUCCQqwhBEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1693190509387&rpt=158&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BC9D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8M1k3Ky4pz-oBnCMPVdraAcO_v0i9tABH6KwyA2GsbNWDbtmmDecoV9IQVXyx5niiHlFR8SkmcWNJz3X20pdI2kQWWFOcJaQgK349&sig=Cg0ArKJSzLCDXDgHnIumEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1608794313&rs=2&la=0&cr=0&vs=4&r=v&rst=1693190508710&rpt=888&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E5DC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB6UTwCgVy0lsfWV4HQON0GKBtSez1N84bkCJDpBFfDbcKuRj-nX9cHIgHG8I7HhwWXS244BDXUbVqIVvB-dVrQqfVIMbB0suPGesc&sig=Cg0ArKJSzHSHOjqkQqzaEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1396144952&rs=2&la=0&cr=0&vs=4&r=v&rst=1693190508720&rpt=900&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 02:41:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery string| siteName boolean| mobile undefined| facebookHelper object| facebookDialogTemplate function| FacebookDialogTemplate object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| 
google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| srtr object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| srldp object| sugawps object| google_shadow_mode object| adsbygoogle function| initializeColorBox function| get_more_questions 
function| post_question function| ask_another_question function| follow_me function| unfollow_me function| deleteResponse function| likeUnlike function| update_inbox_count function| chageCharacterCount object| _gaq object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| _gat object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.qooh.me/ Name: PHPSESSID
Value: bj0mktmecd523s0ajhpvueifs5
.qooh.me/ Name: __utma
Value: 3998191.1426687138.1693190509.1693190509.1693190509.1
.qooh.me/ Name: __utmc
Value: 3998191
.qooh.me/ Name: __utmz
Value: 3998191.1693190509.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.qooh.me/ Name: __utmt
Value: 1
.qooh.me/ Name: __utmb
Value: 3998191.1.10.1693190509
.qooh.me/ Name: __gads
Value: ID=d010d21fb3312ea2-2228a4b75ede004e:T=1693190508:RT=1693190508:S=ALNI_MaS9BGVh-Lca0YusG81h-x_eZz9lw
.qooh.me/ Name: __gpi
Value: UID=00000c6984d432d0:T=1693190508:RT=1693190508:S=ALNI_MZjSLmLM6QYWjEhjWWD6iE_aYb8Tg
.bing.com/ Name: MUID
Value: 01E21EA01FEE6C513F0F0DDB1E996DCC
.doubleclick.net/ Name: IDE
Value: AHWqTUmgw-h9o6VwLeaX_H1JeO6P6NJZKCetoYZL-Q2mgJ5FO4ylC94Mnb8_3weOKgg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
