imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.ctraxlive.com/88d22a378a6cc8bf098437269649ec5f
Effective URL:
https://imgbb.com/
Submission: On January 31 via api (January 31st 2022, 4:11:20 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 30 domains to perform 133 HTTP transactions. The main IP is 46.229.170.2, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is imgbb.com. The Cisco Umbrella rank of the primary domain is 269156.
TLS certificate: Issued by R3 on January 13th 2022. Valid for: 3 months.

This is the only time imgbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.184.189.178 35.184.189.178	15169 (GOOGLE) (GOOGLE)
1	46.229.170.2 46.229.170.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
16	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3039::6815:c06d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:112:f006... 2620:112:f006:bbbb::12	6336 (TURN-US-ASN) (TURN-US-ASN)
4 9	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
3 3	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3039::6815:c06c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:b60... 2a02:26f0:b600:1af::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 5	184.87.213.8 184.87.213.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.149.12.213 34.149.12.213	() ()
1	142.250.185.198 142.250.185.198	() ()
1	2a00:1450:400... 2a00:1450:4001:828::2006	() ()
133	30

1 35.184.189.178 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 178.189.184.35.bc.googleusercontent.com

track.ctraxlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.229.170.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

imgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 95.211.66.34 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3039::6815:c06d (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f006:bbbb::12 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c06c (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:b600:1af::4469 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.87.213.8 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (None, )

ASN- ()

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	313 KB
22	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 ad.doubleclick.net googleads4.g.doubleclick.net Failed	204 KB
17	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 41736 clickiocdn.com — Cisco Umbrella Rank: 31095	60 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2190 ad4m.at — Cisco Umbrella Rank: 1809 assets.ad4m.at — Cisco Umbrella Rank: 34120	594 KB
8	simgbb.com simgbb.com — Cisco Umbrella Rank: 202703	187 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
5	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 464 rtb0.doubleverify.com tps.doubleverify.com Failed	116 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	103 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	123 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	3 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 608	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3243	878 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 113556 static-de.ad4mat.net — Cisco Umbrella Rank: 151438	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
1	2mdn.net s0.2mdn.net
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 14385	702 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46801	606 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 48812	2 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	697 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	463 B
1	imgbb.com imgbb.com — Cisco Umbrella Rank: 269156	8 KB
1	ctraxlive.com 1 redirects track.ctraxlive.com	200 B
0	openx.net Failed rtb.openx.net Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	webgains.com Failed track.webgains.com Failed
133	30

	Domain	Requested by
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imgbb.com cdn.ampproject.org 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com googleads.g.doubleclick.net
16	clickiocdn.com	s.clickiocdn.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net ad.doubleclick.net
9	cm.g.doubleclick.net	4 redirects 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net imgbb.com
8	simgbb.com	imgbb.com simgbb.com
6	assets.ad4m.at	as.ad4m.at
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	s.clickiocdn.com 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
4	cdn.doubleverify.com	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com cdn.doubleverify.com imgbb.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.google.com	1 redirects tpc.googlesyndication.com imgbb.com 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com imgbb.com
3	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
1	s0.2mdn.net	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	www.awin1.com	as.ad4m.at
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
1	cms.quantserve.com	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	imgbb.com
1	s.clickiocdn.com	imgbb.com
1	imgbb.com
1	track.ctraxlive.com	1 redirects
0	rtb.openx.net Failed	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
0	sync-tm.everesttech.net Failed	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
0	a.tribalfusion.com Failed	039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
0	tps.doubleverify.com Failed	cdn.doubleverify.com
0	googleads4.g.doubleclick.net Failed	ad.doubleclick.net
0	track.webgains.com Failed	as.ad4m.at
133	44

This site contains links to these domains. Also see Links.

Domain
clickio.com
api.imgbb.com
ar.imgbb.com
bg-bg.imgbb.com
cs.imgbb.com
da.imgbb.com
de.imgbb.com
el.imgbb.com
es.imgbb.com
et-ee.imgbb.com
fa.imgbb.com
fi.imgbb.com
fr.imgbb.com
he.imgbb.com
hu.imgbb.com
id.imgbb.com
it.imgbb.com
ja.imgbb.com
ko.imgbb.com
lt-lt.imgbb.com
nb.imgbb.com
nl.imgbb.com
pl.imgbb.com
pt.imgbb.com
pt-br.imgbb.com
ru.imgbb.com
sk.imgbb.com
sr-rs.imgbb.com
sv.imgbb.com
tr.imgbb.com
uk.imgbb.com
vi.imgbb.com
zh-cn.imgbb.com
zh-tw.imgbb.com

Subject Issuer	Validity	Valid
*.imgbb.com R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
s.clickiocdn.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
adlmerge.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://imgbb.com/
Frame ID: 7296717BEC20D6617478EB4DFE7D0ADA
Requests: 41 HTTP requests in this frame

Frame: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 76975271C29F8AB638D4103B3D8996D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 591A10F5F0D79253223BE72046ABA94D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 421B1C13F2D69B80E5AB2E07C397E647
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Frame ID: F7B56D0691D87F4101421306418C5164
Requests: 16 HTTP requests in this frame

Frame: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F001A7F5F8D71DA6FCFC5A3F682CEA4B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D
Frame ID: ED1E2CC20077947CFEB10EE5177CC652
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A47944AC6006FA2273076CF887645DDA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2DE8F02DD2A313E7244F9CC18FDCDF87
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Frame ID: 0B6D5D170B7618E752D0372E577F14ED
Requests: 11 HTTP requests in this frame

Frame: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8016CE79AE83358CE1009B2718E36613
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNW8g8O987sZ7Pw4aHOxqkNgFj3yrtAKIYvRmfVBXZ4lkfYIzd01sT51CGn7ErlxrypNwK-VNWHvZ4lh-cSCSj-9lQTDzaNgtacVNaap_pki9ljxoQUc-Gkpv02CyMe4lbrL08HcJDj9LEnlt0GrvhxOI0th1AdutUj-AV063V7rwHHa9fU
Frame ID: F02F6856FE5372993E2FBBAF62E0B834
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E02483B784C95C2E1B06F4854C6949D2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CFB7B46067877DAB02BF4A67DDA1ED17
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2105.js
Frame ID: D74847984DFDD3E60C5D15989D77F1F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A12AA178250E51AA60679F222FB52E7B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ImgBB — Bild hochladen — Kostenloses Bild Hosting

Page URL History Show full URLs

https://track.ctraxlive.com/88d22a378a6cc8bf098437269649ec5f HTTP 307
https://imgbb.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

86 %
HTTPS

51 %
IPv6

30
Domains

44
Subdomains

30
IPs

7
Countries

1721 kB
Transfer

3812 kB
Size

24
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://clickio.com/?utm_source=imgbb.com&utm_medium=adunit_label&utm_campaign=hor_sticky_desktop
Title: Ads by

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://ar.imgbb.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://bg-bg.imgbb.com/
Title: Български

Search URL Search Domain Scan URL

URL: https://cs.imgbb.com/
Title: Čeština

Search URL Search Domain Scan URL

URL: https://da.imgbb.com/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.imgbb.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://el.imgbb.com/
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://es.imgbb.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://et-ee.imgbb.com/
Title: Eesti (Eesti)

Search URL Search Domain Scan URL

URL: https://fa.imgbb.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://fi.imgbb.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://fr.imgbb.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://he.imgbb.com/
Title: עברית

Search URL Search Domain Scan URL

URL: https://hu.imgbb.com/
Title: Magyar

Search URL Search Domain Scan URL

URL: https://id.imgbb.com/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://it.imgbb.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ja.imgbb.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.imgbb.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://lt-lt.imgbb.com/
Title: Lietuvių (Lietuva)

Search URL Search Domain Scan URL

URL: https://nb.imgbb.com/
Title: ‪Norsk Bokmål‬

Search URL Search Domain Scan URL

URL: https://nl.imgbb.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.imgbb.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.imgbb.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://pt-br.imgbb.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://ru.imgbb.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://sk.imgbb.com/
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://sr-rs.imgbb.com/
Title: Српски

Search URL Search Domain Scan URL

URL: https://sv.imgbb.com/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://tr.imgbb.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://uk.imgbb.com/
Title: Українська

Search URL Search Domain Scan URL

URL: https://vi.imgbb.com/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://zh-cn.imgbb.com/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://zh-tw.imgbb.com/
Title: 繁體中文

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.ctraxlive.com/88d22a378a6cc8bf098437269649ec5f HTTP 307
https://imgbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1&google_push=AYg5qPJsyyJtLh5HpnPau5F9DdpoMfv7rgGPTsjGs0rLh0DwhCk08CbMQkJZWo41F9arsJPsOO7kuwTGMvC6z-uLcxsFxIPllhJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ0NDg4MzQxNTgxNzI2NTk0NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1

Request Chain 71

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPh754xR-e5_fjG63xXA8DI&google_cver=1&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWBSZhzcGCLnQshFn1Q650R HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPh754xR-e5_fjG63xXA8DI&google_cver=1&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWBSZhzcGCLnQshFn1Q650R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU3NzE3OTE0MzE3NjI0MTU3MA&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWBSZhzcGCLnQshFn1Q650R

Request Chain 72

https://onetag-sys.com/sync/i,19/?google_gid=CAESEG0n4rsi7nfQ2l7zIqxXCgY&google_cver=1&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ

Request Chain 73

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEVHyVCf107q-KqxaN-k0Ko&google_cver=1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643645478378 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8d9ee016-8f87-46a7-babe-0dbeda5da5e6-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox%26google_hm%3DBY2e4BaPh0anur4NvtpdpeY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&google_hm=BY2e4BaPh0anur4NvtpdpeY

Request Chain 74

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKEFNGt4sEteg6GUvrhzK9s&google_cver=1&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubENIjHMQ32Ato-fx8MSZUNIBC61NqQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKEFNGt4sEteg6GUvrhzK9s&google_cver=1&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubENIjHMQ32Ato-fx8MSZUNIBC61NqQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03OW1WMUpsRTJ1RVpHZU9xa25qcWdvaFZ5ckRleUo2OX5B&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubENIjHMQ32Ato-fx8MSZUNIBC61NqQ

Request Chain 88

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1&C=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgKJ88c954SleaGzlXuUQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKF7I7IzdKwXuPikEPAw7nc&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMDY1NDAxMTM5MDkwMDA1MQ%3D%3D

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgbb.com/
Redirect Chain

https://track.ctraxlive.com/88d22a378a6cc8bf098437269649ec5f
https://imgbb.com/

30 KB
8 KB

319ms
107ms

Document
text/html

46.229.170.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.229.170.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c9834d7254b386ba2ac2fe7d80d5dc7e627e8dac820f2337512babd3c8977c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 31 Jan 2022 16:11:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: https://imgbb.com/

GET
H2 200 ibb.css
simgbb.com/3524/ 122 KB
26 KB 62ms
33ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/ibb.css
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a173842739bb7112058f3410f64e914aff8fd6efc15283978b402d2548e840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Jan 2022 21:30:57 GMT
server: cloudflare
etag: W/"61f46091-1e9f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jUaPgi2UWGiDddJzb4vZ7FAi6w8LA5FWp86GSLxYFpMuxrj2gvmczvSgS7gEL5sCR00EtHEEnmbORPhC4iVlUO5UGRq1RCscNeeLvl65PGQPu6T106k8zpWfEmIaTiLz4IPPaFqOwjI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d6436fd98539183-FRA

GET
H2 200 360_light.js Show response
s.clickiocdn.com/t/224723/ 138 KB
57 KB 79ms
19ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/224723/360_light.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 16c44eff08ff2861faffa3aa6ab0cd92d0298c34874c1599a148f3effc915687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 16:11:00 GMT
server: nginx/1.16.0
etag: W/"61f80a14-229d0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=60
expires: Mon, 31 Jan 2022 16:12:15 GMT

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 30ms
30ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 892
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938
last-modified: Tue, 27 Dec 2016 13:13:03 GMT
server: cloudflare
etag: "586268df-3aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC3lFyw7lto3Xpw2kOUhRejlW2zdbZ9lOD0mWqw9bvinHIGGjr%2FG%2FsYDIOBEAc4ThaVRSZlkRmI9A4BtJ%2BMeDLex%2FsRVX0oO4vnhZb5sOjbkbHVVqcUAPzTwXNkMZfGCFI70q5Q%2BLUFe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6436fdd9229183-FRA

GET
H2 200 jquery2.js Show response
simgbb.com/3524/ 113 KB
41 KB 46ms
45ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/jquery2.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 31 Oct 2020 19:48:54 GMT
server: cloudflare
etag: W/"5f9dbfa6-1c33c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx2tZjvVB0%2BqJ4s3EU2Qq6KLBJr9v%2FK785nSobXNAhNn3fYWX4SEHMLTJ1ylJpznvOtlcPpE7CU%2FpNMiFqehZ%2FLXRMTIlgBS7cC%2FWW%2BlootRhdqh1st6kqBX0i0j3L%2FXVyGMlYWsOhpt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d6436fdd9459183-FRA

GET
H2 200 ibb.js Show response
simgbb.com/3524/ 223 KB
64 KB 64ms
63ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/ibb.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6c2175f9baeac23e02b043a9ac02c09e07a7cba196fce75cae634315d5bd66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 31 Oct 2020 19:48:54 GMT
server: cloudflare
etag: W/"5f9dbfa6-37c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3XC1VEzFI6BD0tVtDRJJqT%2F18NLdqQ0XbD8qtKWTvcEghy4w4bc6yHqdcHeLRZT6Qu1WI7KuAIm3f4X9I2NF6o8jtrdwJLV%2BpcDYxbNq8pJQpaQ1qwx4zN8S5VcKBWjCyn%2FSy7x5idH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d6436fdd9489183-FRA

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
simgbb.com/include/fonts/opensans/v13/ 15 KB
16 KB 106ms
43ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6733
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15572
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WApi6fAcd8Cwup2MEQVkXOtmjzv6l28j7CaTiOg09caGs0g63a%2BM%2FiGjbToDiHLOszTYHQaaZCfAtpyWs1A5rzcATR7uUwYjgDRrbrR9FSbEP59kzfeMbW5EapfbyJj8Ao7mjz7XGoF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6436fe4e9e0132-AMS

GET
H2 200 icomoon.woff2
simgbb.com/include/fonts/ 7 KB
7 KB 107ms
44ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/icomoon.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6733
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7232
last-modified: Tue, 24 Apr 2018 17:34:06 GMT
server: cloudflare
etag: "5adf6a8e-1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERrYl%2BPDVOgktke5ldMCZySoawCnzCsO69psmEWWyWZ08PAN9EjfYb004u4vsh0YizG0Vxp0YXaFECWGkaFXflrjD7npPFoD1LQETjIfNTHPeREmZdZCZ7VqOEhGKLgtbpfYv11cBYe%2F"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6436fe5ea80132-AMS

GET
H2 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 82ms
43ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6524
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16164
last-modified: Sun, 29 Jan 2017 14:12:55 GMT
server: cloudflare
etag: "588df867-3f24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNlLlh8Ha9YSbPXLjy%2Fb3nI0HJpXZeuI1zuZqygXwnd2Cc3b1o9UdY40h0MAKy4R6NJFYVMod%2BIpWol6WAu9m8e0V5F08qcx0sE5UYvgCuwtP77RL46jcigqG8F5bhiyBOJTiGt4PnCv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6436fe4ea00132-AMS

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 75ms
43ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16152
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5powd9hhHihj0aziAKMzGqbnoh%2B%2BiwZ15XUBA09gbM%2F1HRxo4wm0HaQMVTQdUzDFGwr3M1%2Bb4zpLl9fwIWGUMtymLRaSAuRIhial8LcK4smJMOxmpnDbx649BW9Zw7o%2BlsfmRqUBjBUq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6436fe5ea50132-AMS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 311ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

881673e60d61362db401af4c8ebe298f410b4491319156165a72e529b15a5854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27100
x-xss-protection: 0
server: sffe
etag: "1118 / 235 of 1000 / last-modified: 1643639060"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 16:11:16 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
170 B 67ms
23ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_rdsewciby81da6lq&rt=547575023&site_id=224723&title=ImgBB%20%E2%80%94%20Bild%20hochladen%20%E2%80%94%20Kostenloses%20Bild%20Hosting&l=https%3A%2F%2Fimgbb.com%2F
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 2d7557b9c35de325ecfb6c7d370ad6b1052b9ca3e15a98a697a56468bad67582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 30ms
24ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=fzduroh6b4toqyc547573770&area_id=681339&type=base&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577524
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: a95d08357a5030c6bbaa579eab19f6840bdc6857b7b782be846f11a80979f5fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 29ms
24ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=fzduroh6b4toqyc547573770&area_id=681337&type=base&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577559
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: e05ab725067bde4cc5f93ef913f8765ac845fab22ff971ecd9256a872cb43b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 29ms
25ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=fzduroh6b4toqyc547573770&area_id=681351&type=base&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577588
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: f2764c6c8f6164573b51494e8785e5ad1c9126c0ef75c8e4fb587a9f9c445a61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 29ms
25ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=fzduroh6b4toqyc547573770&area_id=681338&type=dfp&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577576
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3ce0a8539d0566c04b97f68127e30b6be033e9cc048854b868dad28d825e8f05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 27ms
24ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=fzduroh6b4toqyc547573770&area_id=681336&type=dfp&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577521
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 34c2a26150382e4fc80e211055d9ba94d0479cf624d346b4956f82a337d6e583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 26ms
24ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=fzduroh6b4toqyc547573770&area_id=681350&type=dfp&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547577544
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 43df56cde6df434b4e0f750aa7136bdb21d508c85baa4e8c64adf0459ea4a82a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:15 GMT
content-type: text/html

GET
H2 200 pubads_impl_2022012506.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
120 KB 122ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 15:13:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
715 B 146ms
48ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=imgbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

288be5a2f9b7174960e30363a72e97a3b2e197ee7929b5c602fb556e90d3c03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Mon, 31 Jan 2022 16:11:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 141ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 974 B
1 KB 233ms
232ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1555233257543837&correlator=2487691070175482&output=ldjh&impl=fif&eid=31064560%2C31064622%2C31064627&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681349_300x600&enc_prev_ius=0%2F1&prev_iu_szs=1x1&ists=1&fas=8&cookie_enabled=1&bc=31&abxe=1&dt=1643645476432&lmt=1643645476&dlt=1643645475400&idt=991&frm=20&biw=1600&bih=1200&oid=2&adks=2913936725&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=400657713.1643645476&ga_sid=1643645476&ga_hid=2068705043&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5641c9d93d2e75e118979d29957d740a6191fbc245b1efeabd68c992ef93eb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 526
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7697 6 KB
4 KB 155ms
45ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 31 Jan 2022 16:11:16 GMT
expires: Tue, 31 Jan 2023 16:11:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_page_level_ads_2022012506.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 40ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012506.js?cb=31064560

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fc7f3dfe9ae1dda7006736f8f5a8671565609dfe6b48d8e9a06a1fc64f1c9cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12991
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 23:15:56 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 140ms
54ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be376c190687f9f1a77f8fc6d07b133ff6d58c89d0a5e315abeda873db28434e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8931
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 99ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 101ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 681ms
680ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1555233257543837&correlator=2487691070175482&output=ldjh&impl=fif&eid=31064560%2C31064622%2C31064627&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681338_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=unit_type%3Dsticky%26ar_imp%3D0&cust_params=adm_lazy_load%3D0%26adm_lazy_load_var%3D0%26adm_lazy_load_dev%3D0d&cookie=ID%3Dd9fdb0151c2e1214-2267cddc2fcd0042%3AT%3D1643645476%3AS%3DALNI_MZOncRYhKkqXQk5_37qsvkdXqJIsg&bc=31&abxe=1&dt=1643645476759&lmt=1643645476&dlt=1643645475400&idt=991&frm=20&biw=1600&bih=1200&oid=2&adxs=453&adys=1110&adks=4261057470&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=761x-1&msz=728x-1&psts=AGkb-H8n9JhCbBorWpCU1g3BEHvbhKcghW9rHpyc-Yrstxr5&ga_vid=400657713.1643645476&ga_sid=1643645476&ga_hid=2068705043&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a7cc858146af805c9c9343a37774c11153b6e5395999d51084e5965fdfbbc2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11195
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 537ms
537ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1555233257543837&correlator=2487691070175482&output=ldjh&impl=fif&eid=31064560%2C31064622%2C31064627&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681336_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C300x250%7C320x50%7C320x100%7C728x90%7C970x90&prev_scp=unit_type%3Dfixed%26ar_imp%3D0&cust_params=adm_lazy_load%3D0%26adm_lazy_load_var%3D0%26adm_lazy_load_dev%3D0d&cookie=ID%3Dd9fdb0151c2e1214-2267cddc2fcd0042%3AT%3D1643645476%3AS%3DALNI_MZOncRYhKkqXQk5_37qsvkdXqJIsg&bc=31&abxe=1&dt=1643645476766&lmt=1643645476&dlt=1643645475400&idt=991&frm=20&biw=1600&bih=1200&oid=2&adxs=190&adys=458&adks=2175894706&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=1220x0&msz=1220x0&psts=AGkb-H8n9JhCbBorWpCU1g3BEHvbhKcghW9rHpyc-Yrstxr5&ga_vid=400657713.1643645476&ga_sid=1643645476&ga_hid=2068705043&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

51ef1ae4eca7657d4a5af2b28ccadc2eb5124e46784005b6b126a74d8e9aee51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10662
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 2215ms
2215ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1555233257543837&correlator=2487691070175482&output=ldjh&impl=fif&eid=31064560%2C31064622%2C31064627&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681350_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x50%7C728x90&prev_scp=unit_type%3Dfixed%26ar_imp%3D0&cust_params=adm_lazy_load%3D0%26adm_lazy_load_var%3D0%26adm_lazy_load_dev%3D0d&cookie=ID%3Dd9fdb0151c2e1214-2267cddc2fcd0042%3AT%3D1643645476%3AS%3DALNI_MZOncRYhKkqXQk5_37qsvkdXqJIsg&bc=31&abxe=1&dt=1643645476768&lmt=1643645476&dlt=1643645475400&idt=991&frm=20&biw=1600&bih=1200&oid=2&adxs=160&adys=85&adks=589635166&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=1280x0&msz=1280x0&psts=AGkb-H8n9JhCbBorWpCU1g3BEHvbhKcghW9rHpyc-Yrstxr5&ga_vid=400657713.1643645476&ga_sid=1643645476&ga_hid=2068705043&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4027e1755e07b96e9daec4616ca15065711b339c24caf3f9afab629c92dbf970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11959
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 205ms
111ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:11:16 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 20ms
19ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=fzduroh6b4toqyc547573770&area_id=681338&policy=ok&sub_id=1&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547678826
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: cec20ab27ca6051869b184ef25fd4ee4158b8278cbdc5d4aee34d4b142d20398

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:16 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 20ms
19ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=fzduroh6b4toqyc547573770&area_id=681336&policy=ok&sub_id=1&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547678805
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 38b0c5c01dd1922d48ca7c31f59d911d512bdc60233f62fd39e65e7d502a0dd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:16 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 18ms
18ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=fzduroh6b4toqyc547573770&area_id=681350&policy=ok&sub_id=1&f=__lxG__.tmp.rot_04pqottgz4lqmjnf&rt=547678854
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 864f84325c46869cf4545ec43741c7e1d7c9404e070fd85c83d29af41ab1f310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:11:16 GMT
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 591A 13 KB
5 KB 99ms
44ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:09:03 GMT
expires: Tue, 31 Jan 2023 16:09:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 421B 783 B
1 KB 148ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

087a09aebaa57fc895410be67462db1cb8934bcff86416d4027a771bd31a5f5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cLCaYbsqAml84n/dOjZCwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 16:11:17 GMT
date: Mon, 31 Jan 2022 16:11:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cLCaYbsqAml84n/dOjZCwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 591A 35 KB
13 KB 89ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 15:03:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 421B 0
0 105ms
104ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=1555233257543837&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMjV+NjgxMzI0fjY4MTM2NH42ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxMzQ1fjY4MTMzOX42ODEzNTF+NjgxMzM3fjY4MTMzMH42ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzNDh+NjgxMzM4fjY4M... 38 B
206 B 26ms
26ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMjV+NjgxMzI0fjY4MTM2NH42ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxMzQ1fjY4MTMzOX42ODEzNTF+NjgxMzM3fjY4MTMzMH42ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzNDh+NjgxMzM4fjY4MTMzNn42ODEzNTB+NjgxMzM5fjY4MTMzN342ODEzNTF+NjgxMzM4fjY4MTMzNn42ODEzNTAmc3NpZD1+MSZhY3Q9ZGV2X3RhcmdfcmVtfi1+LX4tfi1+LX4tfi1+Zm5kX29uX3Bnfi1+LX5ydHJfdmFyX2Noc25+LX4tfi1+LX5ydHJfdmFyX2luc3RhbGx+LX4tfnRnbF9zXzB+LX4tfnRnbF9zXzFfZGZwfi1+LSZ1cmw9fmltZ2JiLmNvbSZ2Y250PTI1Jl9mPV9fbHhHX18udG1wLmxvZ3N0XzUxOXhrNzduc3d0eGlhaWo/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 57c19f0410368388249f9203188efa86c08e4aa4908641e1175dc5a25cd87d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:17 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzUwfjY4MTMzOH42ODEzMzZ+NjgxMzUwfjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzNTB+NjgxMzM4fjY4M... 38 B
206 B 26ms
26ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzUwfjY4MTMzOH42ODEzMzZ+NjgxMzUwfjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzNTB+NjgxMzM4fjY4MTMzNn42ODEzNTB+NjgxMzM4fjY4MTMzNn42ODEzNTB+NjgxMzM4fjY4MTMzNn42ODEzNTAmc3NpZD1+MSZhY3Q9c2xvdF9jYWxsX2FkbX4tfi1+c2xvdF9jYWxsX2FkbV9sbHZfMH4tfnNsb3RfaGJfZW5kfi1+LX5zbG90X2luX3Bnfi1+LX5zbG90X2xsX3Zhcl8wfi1+c2xvdF9ybmRyX2NsbH4tfi1+dGdsX3NfMl9va34tfi1+dGdsX3NfMl9va19va34tfi1+dW5pdF9oYl9lbmR+LX4tJnVybD1+aW1nYmIuY29tJnZjbnQ9MjUmX2Y9X19seEdfXy50bXAubG9nc3RfNTNwNjMwMDZjd3ppemhxbg/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 7f6c1f7ac193d1349f42629c67de019d0a9b66d0f4637a38b48d53207dc7b2db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:17 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzMzh+NjgxMzM2fjY4MTM1MH4tfi0mc3NpZD1+MSZhY3Q9Z19ldl9zcmVxfi1+LX5nX2V2X3NyZXFfbGx2XzB+LX4tfnNsb3RfY2FsbF9hZG1fbGx2XzB+c2xvdF9sbF92Y... 38 B
206 B 21ms
21ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzh+NjgxMzM2fjY4MTM1MH42ODEzMzh+NjgxMzM2fjY4MTM1MH4tfi0mc3NpZD1+MSZhY3Q9Z19ldl9zcmVxfi1+LX5nX2V2X3NyZXFfbGx2XzB+LX4tfnNsb3RfY2FsbF9hZG1fbGx2XzB+c2xvdF9sbF92YXJfMCZ1cmw9fmltZ2JiLmNvbSZ2Y250PTgmX2Y9X19seEdfXy50bXAubG9nc3RfZjFhMTUzYm1vZ3lpb3hrMQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 27097228d35eb109bd2217aef8374f0c753785dffb65ec9cae66f2f9c2c3eab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:17 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111152338000/ Frame F7B5 190 KB
54 KB 402ms
108ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 494742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55512
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "211febc96caa9486"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame F7B5 13 KB
5 KB 398ms
104ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 494742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame F7B5 89 KB
28 KB 346ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 494742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame F7B5 5 KB
3 KB 341ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 324145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Thu, 27 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Jan 2023 22:08:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame F7B5 40 KB
13 KB 342ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 324145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Thu, 27 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Jan 2023 22:08:52 GMT

GET
DATA 200
OK truncated
/ Frame F7B5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42b3390277835c717720901d31308e464aff9c5f9978dda7072e26b9c49d7a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13354645212532366300
tpc.googlesyndication.com/simgad/ Frame F7B5 85 KB
85 KB 58ms
58ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13354645212532366300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn2O5VNvbHtwp-XfxopYf7nr5BWA

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:38:23 GMT
x-content-type-options: nosniff
age: 257574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87145
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:52:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Jan 2023 16:38:23 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B5 2 KB
2 KB 54ms
54ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 23379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B5 295 B
319 B 57ms
56ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 22692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7B5 0
0 338ms
55ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8R8WGJMfUupDz1ZWYfoQdvAppHpkIODQy0hLi696BljKZQ7DwpVVi513MP2QPqaGO-Xe_sdvRfePyyUnGWGf_3j8u-A
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F7B5 0
0 94ms
93ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfNbBJAr4Ye2UMpjw3gORk4LQCuuT_atn_tDz__0O2tkeEAEgouKjJmCV4pCCoAegAZyv-6gCyAEC4AIAqAMByAMIqgTgAU_Qq6p1Uh2r06VsvYO1a8Gj_0Z7OGfVyqg1nhj9BEf6Sy9ioMDAredKMKYiyIZ3qgq_p068fTWnFhEMVWxh2VwG8-A7bUFuWAg-2_fwLTMKX3K7jfHPx75LHcA77xZlPux_OGU_4W1ZkgDY3rqsFv2dqiVsIyih4l6USn-MAGSL74QFq2WskbIGQwoZsGs3WzixWeyikTTAPUNHaQkshoc-2Zl1M802cgwrIWyYNtROfk-Yb82fGO6FB7ctlMrouMBWQXgqK2UWISIhrhaaAZ6k5MszgyorYr9h6Ii6EN3ZwATZqtSu5wPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDGxRrSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzEwNDc5MDM4Nzc5MjQ2OBi6qhk&sigh=czrDQ9Q0kqQ&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 591A 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3e2azw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F001 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:11:16 GMT
expires: Tue, 31 Jan 2023 16:11:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=1555233257543837&bg=!hIelh8PNAAY6OBv_Ojg7ACkAdvg8Wj9rT41_8CFg4zYbnVI6L_ri8USK5D0qEiuO63aUa2_clAhO2AIAAAG4UgAAAAJoAQeZArUoGjM6FDlFehsUk-MUHq-vxdNjEB43fLfZYe_-fg8DW4KS0vcdD9m8VlSzVRjKCClnnjECTgYLqTxi0V4Cem8h1XxTEVXdgnYCBKhetQ4NtudTji_p6hTJOMZbeWU0JcoWhX6Vmjnomp9X27EOxNqL0AVqWwOKcCBGeJ0No4nGZzNNT2O_ZgXXDrNNke8eCp7xZVoyZhkW_tzUq6iOZOtol3FAkP_ijvbKlT7rVo1CaiKd6LV36pOOnn3e67wwJMpjy3V3AQtZ6VaIRDQGpc-k25CGgOa7qf82NgievY-fczXvTGsVbs4q3-fBIcvHQNZc5tRDF7U9Lc2ok-eKtvdRSQieVU8HYRaT44P89HLer7Nfe7ASGiCHJFCKzpUDuE0EeWLb-dL_GfAgl9kO7GcLb2iC3SY1usPyRuXRARBO67G1iiN1dkiAvDGC_w9RKSrTlEHlD8Wq6Hsy_lxtzOXgEHQNhSDvN3Y71YfpmgDaNKu8yMY6_e7FnZplY59zwZC4DBvwgS52xiEiiAWaMSYngLcucEvBW9fZz4tUhVqom-8RCVtNTAEzIyHNvv12qvf1_cuiDtbjHOeFh63kJmdtmXwaQdSP3HT5VpE6VixHg0aoCEFKqbbUyCRSJ_Ms_EmOCmwtFQdY_16Q5z1H2_57fY-Hb6OnjH_mPqc80FRiXNtuERMKeTDowP_rgfpzI8i_rQ5u68j0r2jNeE-OaU_kEZrDiKOsmhS_brld7x11id3dPB1R6X1Om2A8nwV2fIat3Q41xJzo5uoVetlSoGGkXeU1NY_neUhQ7RFHI0TTRpvlB_-FoHgLcI26Dpet52LnSBIjqZoGiJPVeKD2cqK7hPtoOYlGOurTg3wSbh1VqB-2J_bn9xWlWIcq-XKHw-UapKHKZh5YyuyifAg8dgU5-Z0mvK4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F7B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

114ms
114ms

Image
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Mon, 31 Jan 2022 16:11:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 13354645212532366300
tpc.googlesyndication.com/simgad/ Frame F7B5 85 KB
85 KB 44ms
44ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13354645212532366300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn2O5VNvbHtwp-XfxopYf7nr5BWA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:38:23 GMT
x-content-type-options: nosniff
age: 257574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87145
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:52:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Jan 2023 16:38:23 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B5 2 KB
2 KB 48ms
47ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 23379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B5 295 B
319 B 48ms
48ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 22692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F001 0
0 89ms
88ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQFD2JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE4QFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmOEGu9GuVweAiCgtGDTIXSI3dJsDQSXPazyEasIN3wulvcvgB0RHgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMxMDQ3OTAzODc3OTI0NjgYuqoZ&sigh=LDnahREHFls&uach_m=[UACH]&cid=CAQSPACNIrLMd1W68br7_OkoVH5prUTOURzoA3M346K-Y8USJSLmJKG7RfeCWt1htFzS51cYweldpMMWox69bRgB
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F001 0
0 98ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hcc1vkddszene1tv1eajrt5zf9sv22p3620y25053kh76w8wcky5n5nwwn09gdxdpnyjzz30rcy3wvw3dhddqgprmh66exp1dq3rdjp2qfw9gvtx179mrvgpjptxfhfhcegc3009qvb8jhtfyez1jsnt4f9tmbx2q1n21n83jc81crx7sfj9054xs5kajq3f4y6h2f6q5hqr73ny9t56ngrpgt5easpdmr3ymvy9agcqn2dfj56bzcsvacfnb58fegdnef233y6sc8hwy98kfssqaf31367xe7cpmxnjd091c4jttwgf7h0mssz35d9vnv13bkdhbpqyhafhswtvaeqy736prahcbh82vpt80aenq5ygpjzp0vhnbyza333savcxzgj9rast5a5twh0bax1tkkn19rf8c&b=YfgKJQAECIUKd_cUAAUNc__sPHao7VXtuz7E0Q
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame ED1E 2 KB
3 KB 304ms
272ms Document
text/html 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c70d51c6f7cf369540b05afe302bddf2b590edcdd4e84652b9eba8c5a93cd241

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d64370ceec591de-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F001 2 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:10:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A479 1 KB
749 B 47ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 9905
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F001 14 KB
6 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F001 22 KB
7 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 10:18:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F001 123 KB
37 KB 106ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:11:17 GMT

GET
DATA 200
OK truncated
/ Frame F001 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff2d5f167e4c8ab420e83be245d002bb7d165f1ee0c60ba1f07e75e88fb01d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A479
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1&google_push=AYg5qPJsyyJtLh5HpnPau5F9DdpoMfv7rgGPTsjGs0rLh0DwhCk08CbMQkJZWo41F9arsJPsOO7kuwTGMvC6z-uLcxsFxIPllhJQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ0NDg4MzQxNTgxNzI2NTk0NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1

43 B
407 B

73ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEESs15tjz2oKP28XByp0pTI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A479 35 B
463 B 31ms
10ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFu3ba0iZm8al6G22ZREw-I&google_cver=1&google_push=AYg5qPIHLjYvQ-ot1HeYK_U6IYVeWcPq9pRic__3Wag1OvJNulTMlZavrq0Lu1-haq25BVG-alXrs10PwSBjmAWovDGgk31-pJs

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A479 70 B
265 B 115ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENG-S_D9szSmArFsIdpxbcY&google_cver=1&google_push=AYg5qPJ9gKDq4K3wrWchT-fP4Qntk9DBlIlkOwFZ0eOP6VpoS73lOg5fYLovMAYN_X_-VEjRxvnU9tI1THUtZHi4BFMoP7Wadfbj
Requested by: Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A479
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPh754xR-e5_fjG63xXA8DI&google_cver=1&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWB...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPh754xR-e5_fjG63xXA8DI&google_cver=1&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU3NzE3OTE0MzE3NjI0MTU3MA&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dE...

170 B
232 B

54ms
54ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU3NzE3OTE0MzE3NjI0MTU3MA&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWBSZhzcGCLnQshFn1Q650R

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU3NzE3OTE0MzE3NjI0MTU3MA&google_push=AYg5qPLNm9keeG5ARlWzvOxKLbVmfPtN8o8NocoMAZlkJZZEG5oqN1VZZruhFNiRDazDnoXQUQa9dEWBSZhzcGCLnQshFn1Q650R
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame A479
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEG0n4rsi7nfQ2l7zIqxXCgY&google_cver=1&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A479
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-8d9ee016-8f87-46a7-babe-0dbeda5da5e6-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKdSQnKD2-DLe19RUdwg...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&google_hm=BY2e4BaPh0anur4NvtpdpeY

170 B
188 B

57ms
56ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&google_hm=BY2e4BaPh0anur4NvtpdpeY

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:11:18 GMT
Server: Tengine
ETag: RX8d9ee0168f8746a7babe0dbeda5da5e6005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKdSQnKD2-DLe19RUdwgFbnomUa4SseACgLVaUFL67JIaRkmsaNTsysGzN7wG7Upl-mCp93V8NxXxUaT-M1YYO1bfLZ1sox&google_hm=BY2e4BaPh0anur4NvtpdpeY
Connection: keep-alive
Content-Type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A479
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKEFNGt4sEteg6GUvrhzK9s&google_cver=1&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubE...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKEFNGt4sEteg6GUvrhzK9s&google_cver=1&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubE...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03OW1WMUpsRTJ1RVpHZU9xa25qcWdvaFZ5ckRleUo2OX5B&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGc...

170 B
243 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03OW1WMUpsRTJ1RVpHZU9xa25qcWdvaFZ5ckRleUo2OX5B&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubENIjHMQ32Ato-fx8MSZUNIBC61NqQ

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03OW1WMUpsRTJ1RVpHZU9xa25qcWdvaFZ5ckRleUo2OX5B&google_push=AYg5qPLdau5OFXofC-omUJR7I02ecuaLgYHB4m1mDaaRiYtLJnDhfVvGcDj_7h0ffsQ9-4eubENIjHMQ32Ato-fx8MSZUNIBC61NqQ
date: Mon, 31 Jan 2022 16:11:18 GMT
server: ATS/9.1.0.33
age: 1
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A479 0
232 B 130ms
44ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZEJ3zf0rbavX8tzihbJm5b9ty4o6UncpAxtfesHi5Zcg0HL7So9wY8KK2fwkj639VSLLWXg

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame ED1E 81 KB
11 KB 51ms
36ms Stylesheet
text/css 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 541975
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 25 Jan 2022 09:38:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d64370ece089220-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame ED1E 35 KB
13 KB 40ms
24ms Script
application/javascript 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 31 Jan 2022 16:11:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18612
x-guploader-uploadid: ADPycdvMrnhoseoXAo9zaptubPBaRoIqG4MhGiZQsSRsxjlIgt-eYQufX5HitmctOY1-LdxqAvYu8Ou3oQVDFgBONqo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J7BC%2FzIYE1qjaBW9%2B205Nm%2BNgxqS9fgJXi1MFedEQ2lXF8YnvBJ5uIeEzEbJb5ql%2B1IZDK3faupFzpReeWPRGCC77i2Dqcg0vFH5CZitO99bXTDueOzCTLkccTXixlgDc0ffsg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6d64370edb9b91de-FRA
expires: Mon, 31 Jan 2022 11:01:06 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ED1E 3 KB
4 KB 138ms
82ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 549760
x-guploader-uploadid: ADPycduIhf6Aoa-zYXwOHNffmEbLQvOYt0ueTKOpdiFQ7iUmgrO55IYYUZKQcPDDe0abKq2D7orBtIFsGTx_a-Nc2yE
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk7Rgp3wWQdMYh1tfI4ewrdVONbQqszNkwE9c1Uhb4co4N7u%2BTEZ7cuHsOTgS38BlvD5DifwDr4348kB26x4ePSMGXEBmLXYzqZtbqDbmNRXdeLMili7KuMpGQ5xLVxI2KMKbUQK%2BBkBJC1E3uwbZArE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d64370f795690e6-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2DE8 2 KB
2 KB 39ms
39ms Document
text/html 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Mon, 31 Jan 2022 17:11:18 GMT
cache-control: public, max-age=3600
age: 541975
last-modified: Wed, 06 May 2020 15:09:30 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eTNhsog4m2AYdGXh%2FB35d8u9afvOXw3MaZB5gZrnMO4BebX6TfQNb5lg8RSmBHQMKfbBxG85RPUT26M%2BjnWwmla%2FGr%2BM%2FG9o4Uq%2FfkjI5pgqYaS%2BmarhlFOyEy%2B58rDTmfGXv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d64370f2f0f9220-FRA
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame ED1E 2 KB
2 KB 39ms
39ms XHR
text/plain 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f27868c74ff3a046ce914abc73a2917d7127005e2b2a0d7ae27b72f013d294

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d6437101c0d4c26-AMS
date: Mon, 31 Jan 2022 16:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsv0zHcWhlITyrgokg9P0ilknM0wa5XsUEXlTE6oGqHTFePMQL74gsuEqBMz25r29H4uQ1DE3BJe%2BArhnSvojp6gFj8NPSgNrNZC%2BLbMGtUTEixPLbozKc%2BDMsbPervbN0gdTAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vmjq

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 82ms
58ms Preflight
text/plain 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vmjq
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Um%2Fyw0hlGCg3bBB5GFPnNSl19IyoTPdh2vbdLQr%2BWGIDUlXTozymH%2FB3lW4mJ0KOfHLSlvF3N%2B44iSLQcajC4gDTt1umRQW1kLCjngBMH8noMRKz134mgFvfgRsmP1OuygjiRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d64370fbb284c26-AMS

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0B6D 7 KB
4 KB 282ms
281ms Document
text/html 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28fb6ea2249ab067f2bd52fc7fc094c99a0bd481f980d9de7b72da457632aafe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kyy4117dk0d3tbwyes4cmfc67ehst6egfg83yn8rcgfdg24525anrsahv8na6m4nd8s9f0q5z0h8e6yrbjm78ehsp6gdbcx2d08t0vm68ymwjg7k528d2bcwfxcv7f9qchr2ce0548vrn14g5j3n0mswnb1m5nq98p4yszgmg2d93c695sk8h80shy410pg5d7nrd2bz3srz7s27d5bdh2ha49zx6649rps2cqhz64mc1eg48zqtrpssdhsc3cnv523ghmtxxnxt00kz0ck4hhcv6zwg6rrdjd7jqyzec02a17zm65m13fhkhe1ps86rs6v1r7fkzesf76qd0rxx0pbaba3whsp263pe94wdqcfvjr1gpzq8j5ak59sa9fmaewb96z0sk9w38pj0hbj5g7rq3bgxpkjy88ya4hyjss2gcnxgap94mpey483s7jtpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%26client%3Dca-pub-3104790387792468%26adurl%3D

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6437106a849220-FRA
content-encoding: br

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4M... 38 B
206 B 22ms
22ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzgmc3NpZD1+MSZhY3Q9Z19ldl9zbG9hZH4tfmdfZXZfc2xvYWRfbGx2XzB+LX5nX2V2X3NyZW5kfi1+Z19ldl9zcmVuZF9sbHZfMH4tfmdfZXZfc3JlbmRfbmV+LX5nX2V2X3NyZW5kX25lX2xsdl8wfi1+Z19ldl9zcmVzcH4tfmdfZXZfc3Jlc3BfbGx2XzB+LX5zbG90X2FkbV9yZXBseX4tfnNsb3RfYWRtX3JlcGx5X2xsdl8wfi1+c2xvdF9ybmRyZF9jb250ZW50fi0mdXJsPX5pbWdiYi5jb20mdmNudD0yMiZfZj1fX2x4R19fLnRtcC5sb2dzdF8yNXh2d2phM3cwajlhZzZ2/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: f034595b43700439cfa7196a570ade8ea95de489de7065a90a829ab53c380495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:18 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 22ms
21ms Image
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=547876041&cmp=-1&api=-1&sid=224723&req=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:18 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 0B6D 81 KB
11 KB 48ms
48ms Stylesheet
text/css 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 541975
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 25 Jan 2022 09:38:23 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d6437124f2d9220-FRA
cf-bgj: minify

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 0B6D 15 KB
15 KB 53ms
35ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 394363
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdtpD39iXKfgNuAAhE37W13FZTCxKg6jHvR3NUrLj0fogqoO6XAgzg6SzPuVDfDuDkeK2jhZG15nrGkJsByZnlc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loCKouC0IVpAaDSlLL38C6Ke51jMXfhNw4sHuHOSDEytq%2B1vOLqoJ3%2F9QqltBrrvTQipHopLRVaadqq%2FfZZFG1CrfC%2Fglwhx0CzGPsXTaPtfYRDDbasF%2Fo5CbuUA%2FCQ0kDmtRAgwKsWgYGIl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 6d6437126dd691de-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 0B6D 382 KB
383 KB 53ms
36ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 396556
cf-polished: origFmt=png, origSize=588465
x-guploader-uploadid: ADPycduJVUJO1HRpn7zlZbnlOWLVA6f3cEZl8EO1-4XE9rLbB2ZOSxWUUDUZSPxFEuIE34udWzhsaROyC56LODFW-8AYUXTtiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391402
last-modified: Fri, 22 Oct 2021 09:31:50 GMT
server: cloudflare
etag: "6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yCQy4Mzf%2Bq1dpH2QCGecrbNEbtY%2FRMQCSxmu2PUfe%2Bj%2BfEEv5MCev6Mq7%2B5THqdmaHWmWsQzSs0bH7wIPxF7%2FVSu5N03DtxMdGhQjYOX3ZIQgrqKf3bUwjDUQ7DGhJ6B5wVmkdJ6FXV%2Bc40"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634895110632642
content-type: image/webp
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 588465
accept-ranges: bytes
cf-ray: 6d6437126dde91de-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 0B6D
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATK...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Ne...

0
606 B

137ms
94ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:17 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 31 Jan 2022 05:11:18 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:11:18 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: B9D59BA9:AEA0_91EFC182:01BB_61F80A26_138FD1F2:297EB
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 0B6D 18 KB
19 KB 44ms
28ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395584
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtjPQI_9OqWGDuJa0XRq7egzzj-ZnCdG_JnfUt33YxbfGuc9iiG8v2sjY8L77theqfDq9vNX5FxCvG6eto5NC4lCdOVuA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJUfMYOU0RvQ7GzQ8kTm%2FMSxhHe9eA00POKU2LD5wLPhe1PrNMb4%2FHUMnRG%2F%2BecMPujoTFYYjEMtBlKX8mBenkYVAl1xQlmC9Ac50neT1HzKpIs4pEUqqg6YSjoMl8dzu1%2BlK4Tj7XY%2Bw6Yy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6d6437126dd191de-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 0B6D 9 KB
10 KB 50ms
34ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393609
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdvYsfxgp615GS7qDfHd3VbRa7WtvxKyaRhzgD-wsEbI3P0dYfa_GJdFQffobvvxmXPcFjqvK294sVYhPSRugk6KuxJgow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgOqOyRZNpcqfThys%2FNkyI5m%2FBXtPaNLfE1u3FG2FUsyloH8QesZc9bnD9wq5r1TKP4Ax2OqugjwD7dCu74szubSrTAqlceJUV43hAQ8QowXTeLVyfw%2F%2Fal0gWqkDkdS8hGwpSu0CvOHpGz9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6d6437126de091de-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0B6D 43 B
702 B 168ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0B6D 38 KB
38 KB 60ms
45ms Image
image/webp 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393079
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycds2HVPRI-rs7L49C8F_fpOEaqa3DkDBifHdkLHCje1BtvUGWD5Li5MIBKuSlIvIyh1YfM_kUuL_NOS1ZnLXWTzY4V4beg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75K%2Bx%2FBMSCKVUzUkRgq6O6riNGD0ihRJ6T%2FKGPDWs0349t1zY6nXrWCTe5Ir97H4HORIvTx2qfACyYX8AR6dEJbDXhnlfDDVjXKWULLrso%2FSsRD4nBe90I8ktv%2Bq0qPtn5OS0vQ8LEau5i2N"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6d6437126de391de-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0B6D 84 KB
84 KB 50ms
35ms Image
image/jpeg 2606:4700:3039::6815:c06d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=im6w0TF8C0ivIHL3tNdQ5-NHAdoErYST&g=db9c59a5e7c6dbad3d7de0cf50944325%2F10081108514590891319&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645478432&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbpfd1dbzt113gn498g1ff8t48x1y842m1ne3z1h3y6bh3cptjxhxpmmzjrtg7e87xbne8nd0xwf03vqrtv82jtejw2ftqppqc0evzv5bjth9ff9jawatcgc1ntxaz76r7sacfrxrg6njpjj0mwv1pea107ddyjjfbpn6ays12qwxcg1d6mg4p2wntkzxsf6gb69vdf4ezhbsfjxwmrzq745yd0qjnjqcy5ts2nv1s2rk42xr3ptqretyxq00xyf841wvgszt8ajzyq6ycszn9b%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpCQ_JQr4YYWREJTu3wPzmpSYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0Oo9CIvcCaWitELyx-nQKZUB0kCPzojtv9I6TxXtav-rQ3VecvSGhfVZNySjD_uRfj2RUO3CCr9_EY11B4RelOtMBWjdpasqZ6ITcN7auAmFbwWl5rrEEiG6jLL8zS84EPPrHf-T6G2p8HLEHzELH-gc0i5XT9_QFcRc09X5Qg7Sc-TvF-gAg_fLUIFHWJQUXuytdVG26Qi0cRVBs2TXntFHcF3Pc-qY_-Q0NLsm0gv6ex8sXdRS0kGmekOPZrxsRqDqjUPQ13uFurTJLG3aZ2sHT-NTInvj3MV3pySekdk-E6PgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2th86fui-lWW50LNoI5KOyRdFHEg%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 31 Jan 2022 16:11:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541973
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdtZLUxD1St7sXk-EYespXLKb1_2k2_uAb02nvpX2rsuktJyd27hfzyYqfRDDXoeb15PzHJj0pqtmerHh9g5c2a9TSnMgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6Q7EH5qCwVnns%2FbwrB5bVy1HxY59o1MN0CTnXwF6U%2B5BLnu6l50ZOO%2F%2FkkAEdLSeR3w6EI%2BEXGQIsqk8lTghLZ3txzmqXBIqewZH1ZlEUaeVQx29hqI2XhqcklWCC4K9zL6CDeoX7cyLLjc"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 01 Feb 2022 16:11:18 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6d6437126dda91de-FRA
cf-bgj: imgq:85,h2pri

GET link.html
track.webgains.com/ Frame 0B6D 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F7B5 42 B
64 B 116ms
115ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNvzNtwcdKy3lDjYlbDXJ9OLT22EdEDZZ_OoeawTsVK_ro2DDE7cDkPAugbPXqCiIhc5yOPq8JysASUI_j9yRDxb2DDVadPL7_jlYipD9VquLU68VDMg&sai=AMfl-YRdn4rxaYczXgnBgxN1sVF_fJYGXHtcnqU-dbRRyN73fjCL-RkUTyTJaCCxGsmf_e5uewtpDazA5RMOZ1jwoU3uyJy_Q-sNrbsD9NLJE2P9YiFstrh1HdY-V-SI&sig=Cg0ArKJSzD3ubb0aXlZhEAE&cid=CAASF-RoXtEvd8ECWwpLu5XupQhIo5zXcSxo&id=ampim&o=315,458&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=569&tls=1570&g=100&h=100&tt=1570&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2175894706

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8016 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:11:16 GMT
expires: Tue, 31 Jan 2023 16:11:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F02F 624 B
297 B 51ms
51ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNW8g8O987sZ7Pw4aHOxqkNgFj3yrtAKIYvRmfVBXZ4lkfYIzd01sT51CGn7ErlxrypNwK-VNWHvZ4lh-cSCSj-9lQTDzaNgtacVNaap_pki9ljxoQUc-Gkpv02CyMe4lbrL08HcJDj9LEnlt0GrvhxOI0th1AdutUj-AV063V7rwHHa9fU

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 16:11:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8016 24 KB
14 KB 74ms
74ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArjAacmHhqzbdhPe8scWvt9aKMT7WgAuZcea06Npjb7m5jAkj5NZfSjlW8oSsEtOUCeX2cUeloEy1WM7K97uom2aE39S9UPXam-owalSUxKCE4EkJpX9VX4eP6SEvkJVN28qO-aMPUCMEKhizpR8TiKSZj9Q&cry=1&dbm_d=AKAmf-DLghDBiIMO_n1TxfYa6mVfCPx8Fbr5ah20i8j3YMjEEx8qDIb9aQosUIN821pjybEcQCXevXCYA3IRqlmPbQZamcimUjDaxrAuo1eZLaFi-DJzqT9vpPIZk5KzPb90nID-tFCWAa9zsd_3membMaqI1YkxmFXjvZGuvfzuvjaYzut5X27wnvGbAFxo6zXz4UMHYXu2MSBdOkx4QNZ8UADInxsTj40eiNoAdnX_eVD-y25R8C0ERNo7L_ptFxnOSIW8-1Q1afO0NxZ-sAUSsZafsBTDqN3G4efrUytk1ttYSmyhtd6a9NqF8Fr7I0Th6UPdQ3vSAovH7GMKaZLEeHS3bsBi1Kbd8gciaRwtKtGQDnbi20TZwNO99VBh7VayyDZg2o15wWHkduQHI_jNBcygN7xByhKjWQyJn0pR4cvOj7SqFAITIvlPekd7Sh18YBvN37VnrWKy85bF5klT2nyTJTlnC-a9gjCBV4AQKOQXehG57_Zs3t3ne16j2wEBwgdapqu78LP_7VBatfIpXqrO4ca9C9XBELVYgVYq7VO4zOJ2kek1lUHgYupjcwXF5Cythw3YHg3NCloObJJwIYMyx4W3xiQe9rpzgOsZtoAtMxpu2AJgTmQKBI4wXotXutuJR9pbqT6O_TVZam4BsjclcGLIBUAOd3EY1dkUJBL7SrHCD_YdbEcF6NIy691Y1rC00CpyY-X5OSO2THU6tJ8qwoe7DqINdJDIDDqEcU5UAnLN8j-RLVNLwB31gQ853wpLoVqxk-CbXjL_huV6LA3-Yvd_XdwG5vaK7QW12G7BBcK3gKBbCGzZ57emte8MDaIm3vOZL9wcoMfbiZFUeYHf4sH2bHuy-RbMgDWxaskQrye0ErcUcmOAjoB70RoCNBYZUticSswAdR0G5BmJF1sjTRLa5fkWnF-BO-1i07_6BuHUP4HwYB5q-AXFTREFRArAl712MKPnVXMckZRg62BQHMOo-F3UCVOME5QkhSXwKf-2C-YfFViOEIcLN-imzvH-pTHwnNt97gNRkvhbeKZR-Go9btJEPSw8_Ud_cI21XuZbEPxvq_abxB1NQX_xxFa9aeLd1Ap9cdrWwqHb6Z6HQf0a_uK5faxpTIF5CA2oclfdQVR_HIT6mp0u1rWUDzckjWB_6KFxGav9rygLu4ADqzzAWJasH0mB-Br1JwXW7WE_datusWSGeFFkS97vDMocFxcT5y1WoaH5y6xMQhK7EZXjh2t3VN--anslfusOjnqSoWCl6STl6b8ZRujF8VuLg2Af1bh-XPm2V8E2yf2xy705NxbbBIz8gzhnzHD5cC89u1P0DWDF3h8I5HIEuYU5A5rX5vBdNgZCn5ikIbEL3Bp9NkCdLaF9nK_KJ72gL9pVLnGDRCL_miEUjDXfSqArgbEB39TS6GUCUeC_KyH7IR2b_A65_ubd7vdIDFqK45aIufR1Qa4JKPwXL8dOKBhNMYvyaIfl7ZDTqFmcb_JzNBwsP3bP9Pvkb3ATEpgGXbbbEEwnXr-Cpf6gOZjpxyMrqLMRJebzh1J2Rl4YhO8EYYzxJwUFKwJkn7BIRpfsSwA5iigyKNMi2H9lotd3jnCOJkznQvpzB5c8P-JTpi3tQDTZ13tCDtry0ve0yBtjHnXZbuYnM3WK_drf5i57oWk5_MzYweqnPpeWdm4gK_8tV7igFyqGs7sWUeUj7k8Xzu53krq13daDcvvCmcFOe45KjwpxEYZQVVmVNJjihN42BE3DHcahnAqvZrx57EPV5HnnoUa_qJ4TkVvUY39sO_QaIhal13sRpwfXIxOXrwtpNVfGxjAZtP52zO5Ci6B8VmOfpH9qSw1h3fPsfHz9YJ_gDdKYkemjRQatbuacYFstiKMFc6nQnUiFQ2d_7GDeMQaKpN-GQpTkOc2vl_9-Eme-vevppREkeofa0u2HeFakJg5cjXbky7VqmUtDPGc8ylCnDQnjZuZupS2eIjaCgoEXkrL90bZcsOpVLLnL_dlsI7OfYQldQ18ppr0ht8YupYz_vFLAX0urCdFnus3ZkCaTtw_emwWzV_DT7zyfojPDQTyD1Hvc8ljbAS97Rm_z_DFNNwWAIMv2wt6Jd6QSoPJsgIhEGMpXiBOFOKA7z1qieC-JCjqz1tpWIw8_eu3J5U-mD1tEVDqfoghIxUwr5I4TXOKC2hJRsd3aGgca4iP6hOgQDjjZp5abAg7KlnV36oJetM743obBW5Ct3gSpKe7m2w53W_KFOLA9dEj9s_gdur-n41UySqaumYMtcBIE7lq7ixUq8khBko4rOH9qocWLFwqBVeCC1EkBbaZYlklcTaI46W5aLE78qZHnAi2zEXuMCPyYW94Q22EPmEXD3qM1sO0NszEOOPaFr12hGmQneLDkLJ4JNLj0BLHzy0j0YWRoDurVM0YTh3p-Uy8VlMMawW9F39PEdW9CUWdnKzmcTAaEWPp0w9GzLRpPeje3TEiRbbQx4Y7PBYfqFMreMLsd7FspTk5cgxTgrXLPgKzFKpvgXtZrT9jwsSTpgK71tm0dTCGscgCK_yDXDkI3Bp4cI8eFIIUwmJJhhaWm1n7QoIy6Omz5qchOddcGIdoLHWST78iYMSnXHL3IG70OhZHO1_m5Bu0PNAFy3F-wtdZFIW7UjyGDGGHhBx1Kbjlhw_2qIAGywMSq8zDPFLDS3z3vmpvaPBKmZTO8pLki88Ct9uV1fpB7cFbxSOvCK69GWD-0e7xkcq34OaYfBA4bRctsks8-Sga1zm3pmMyaPhpEp9beG9WHzOHQXCXpBKwWCT8RXzLWbRukifdAvP9o5e8_VrMZBlSKhFROy_hzcieYNu3bmWh25SRNhNyCPNndGmt_qtA64ybbCPMOf4s_cudSNetc&cid=CAASEuRorHf6tj243YhF51kIflo7bw&rfl=1%2Chttps%253A%252F%252Fimgbb.com%252F%240

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1e41d3d56f407f00fb9cdc83f6fd0acf97a4a857f6d28fcb6af7359cc12d8fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8016 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-Rihnc9i77nXCPmcauXqH1rjr4dnoQ-qr80CrrOIlsi2zlMBIK_AKmtXshMYuqHjdJJdwcOhTjZkveFtjlvsrdkn4iQgtof4NUjuqDiUAM4ZicYQ

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 8016 2 KB
1 KB 288ms
17ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229118&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jyqFVsrnUJQdCTjfV6atqW&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 8016 8 KB
4 KB 287ms
16ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jyqFVsrnUJQdCTjfV6atqW&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 16:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0d4ae2df615d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8016 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:10:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8016 123 KB
37 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:11:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8016 14 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8016 0
0 45ms
45ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKu2863SLkfStySfxhSxHhhqDMwDm-4zBlswNmtGKBnstMD-rPYtjwePgIr7qnuZnmeaD4fhYVQLG7RmS6X8WLb3BleA
Requested by: Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F001 42 B
64 B 115ms
69ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXflGMm6rA3N4ZnCqpayh9SdehCI8IR5tLd9JBF17d08MovEphS1ezZLzfYVmUyoK8amsk5wS-7aHCxgqZA2ut7w&sig=Cg0ArKJSzLxODI2QZGKmEAE&cid=CAASF-Ro0-BSTtb4PsgnWAPPClkksmUKmtwd&id=lidar2&mcvt=1000&p=1110,453,1200,1181&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4261057470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643645477701&rpt=373&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 8016 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArjAacmHhqzbdhPe8scWvt9aKMT7WgAuZcea06Npjb7m5jAkj5NZfSjlW8oSsEtOUCeX2cUeloEy1WM7K97uom2aE39S9UPXam-owalSUxKCE4EkJpX9VX4eP6SEvkJVN28qO-aMPUCMEKhizpR8TiKSZj9Q&cry=1&dbm_d=AKAmf-DLghDBiIMO_n1TxfYa6mVfCPx8Fbr5ah20i8j3YMjEEx8qDIb9aQosUIN821pjybEcQCXevXCYA3IRqlmPbQZamcimUjDaxrAuo1eZLaFi-DJzqT9vpPIZk5KzPb90nID-tFCWAa9zsd_3membMaqI1YkxmFXjvZGuvfzuvjaYzut5X27wnvGbAFxo6zXz4UMHYXu2MSBdOkx4QNZ8UADInxsTj40eiNoAdnX_eVD-y25R8C0ERNo7L_ptFxnOSIW8-1Q1afO0NxZ-sAUSsZafsBTDqN3G4efrUytk1ttYSmyhtd6a9NqF8Fr7I0Th6UPdQ3vSAovH7GMKaZLEeHS3bsBi1Kbd8gciaRwtKtGQDnbi20TZwNO99VBh7VayyDZg2o15wWHkduQHI_jNBcygN7xByhKjWQyJn0pR4cvOj7SqFAITIvlPekd7Sh18YBvN37VnrWKy85bF5klT2nyTJTlnC-a9gjCBV4AQKOQXehG57_Zs3t3ne16j2wEBwgdapqu78LP_7VBatfIpXqrO4ca9C9XBELVYgVYq7VO4zOJ2kek1lUHgYupjcwXF5Cythw3YHg3NCloObJJwIYMyx4W3xiQe9rpzgOsZtoAtMxpu2AJgTmQKBI4wXotXutuJR9pbqT6O_TVZam4BsjclcGLIBUAOd3EY1dkUJBL7SrHCD_YdbEcF6NIy691Y1rC00CpyY-X5OSO2THU6tJ8qwoe7DqINdJDIDDqEcU5UAnLN8j-RLVNLwB31gQ853wpLoVqxk-CbXjL_huV6LA3-Yvd_XdwG5vaK7QW12G7BBcK3gKBbCGzZ57emte8MDaIm3vOZL9wcoMfbiZFUeYHf4sH2bHuy-RbMgDWxaskQrye0ErcUcmOAjoB70RoCNBYZUticSswAdR0G5BmJF1sjTRLa5fkWnF-BO-1i07_6BuHUP4HwYB5q-AXFTREFRArAl712MKPnVXMckZRg62BQHMOo-F3UCVOME5QkhSXwKf-2C-YfFViOEIcLN-imzvH-pTHwnNt97gNRkvhbeKZR-Go9btJEPSw8_Ud_cI21XuZbEPxvq_abxB1NQX_xxFa9aeLd1Ap9cdrWwqHb6Z6HQf0a_uK5faxpTIF5CA2oclfdQVR_HIT6mp0u1rWUDzckjWB_6KFxGav9rygLu4ADqzzAWJasH0mB-Br1JwXW7WE_datusWSGeFFkS97vDMocFxcT5y1WoaH5y6xMQhK7EZXjh2t3VN--anslfusOjnqSoWCl6STl6b8ZRujF8VuLg2Af1bh-XPm2V8E2yf2xy705NxbbBIz8gzhnzHD5cC89u1P0DWDF3h8I5HIEuYU5A5rX5vBdNgZCn5ikIbEL3Bp9NkCdLaF9nK_KJ72gL9pVLnGDRCL_miEUjDXfSqArgbEB39TS6GUCUeC_KyH7IR2b_A65_ubd7vdIDFqK45aIufR1Qa4JKPwXL8dOKBhNMYvyaIfl7ZDTqFmcb_JzNBwsP3bP9Pvkb3ATEpgGXbbbEEwnXr-Cpf6gOZjpxyMrqLMRJebzh1J2Rl4YhO8EYYzxJwUFKwJkn7BIRpfsSwA5iigyKNMi2H9lotd3jnCOJkznQvpzB5c8P-JTpi3tQDTZ13tCDtry0ve0yBtjHnXZbuYnM3WK_drf5i57oWk5_MzYweqnPpeWdm4gK_8tV7igFyqGs7sWUeUj7k8Xzu53krq13daDcvvCmcFOe45KjwpxEYZQVVmVNJjihN42BE3DHcahnAqvZrx57EPV5HnnoUa_qJ4TkVvUY39sO_QaIhal13sRpwfXIxOXrwtpNVfGxjAZtP52zO5Ci6B8VmOfpH9qSw1h3fPsfHz9YJ_gDdKYkemjRQatbuacYFstiKMFc6nQnUiFQ2d_7GDeMQaKpN-GQpTkOc2vl_9-Eme-vevppREkeofa0u2HeFakJg5cjXbky7VqmUtDPGc8ylCnDQnjZuZupS2eIjaCgoEXkrL90bZcsOpVLLnL_dlsI7OfYQldQ18ppr0ht8YupYz_vFLAX0urCdFnus3ZkCaTtw_emwWzV_DT7zyfojPDQTyD1Hvc8ljbAS97Rm_z_DFNNwWAIMv2wt6Jd6QSoPJsgIhEGMpXiBOFOKA7z1qieC-JCjqz1tpWIw8_eu3J5U-mD1tEVDqfoghIxUwr5I4TXOKC2hJRsd3aGgca4iP6hOgQDjjZp5abAg7KlnV36oJetM743obBW5Ct3gSpKe7m2w53W_KFOLA9dEj9s_gdur-n41UySqaumYMtcBIE7lq7ixUq8khBko4rOH9qocWLFwqBVeCC1EkBbaZYlklcTaI46W5aLE78qZHnAi2zEXuMCPyYW94Q22EPmEXD3qM1sO0NszEOOPaFr12hGmQneLDkLJ4JNLj0BLHzy0j0YWRoDurVM0YTh3p-Uy8VlMMawW9F39PEdW9CUWdnKzmcTAaEWPp0w9GzLRpPeje3TEiRbbQx4Y7PBYfqFMreMLsd7FspTk5cgxTgrXLPgKzFKpvgXtZrT9jwsSTpgK71tm0dTCGscgCK_yDXDkI3Bp4cI8eFIIUwmJJhhaWm1n7QoIy6Omz5qchOddcGIdoLHWST78iYMSnXHL3IG70OhZHO1_m5Bu0PNAFy3F-wtdZFIW7UjyGDGGHhBx1Kbjlhw_2qIAGywMSq8zDPFLDS3z3vmpvaPBKmZTO8pLki88Ct9uV1fpB7cFbxSOvCK69GWD-0e7xkcq34OaYfBA4bRctsks8-Sga1zm3pmMyaPhpEp9beG9WHzOHQXCXpBKwWCT8RXzLWbRukifdAvP9o5e8_VrMZBlSKhFROy_hzcieYNu3bmWh25SRNhNyCPNndGmt_qtA64ybbCPMOf4s_cudSNetc&cid=CAASEuRorHf6tj243YhF51kIflo7bw&rfl=1%2Chttps%253A%252F%252Fimgbb.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:09:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8016 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1&C=1

43 B
1014 B

95ms
95ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNW8g8O987sZ7Pw4aHOxqkNgFj3yrtAKIYvRmfVBXZ4lkfYIzd01sT51CGn7ErlxrypNwK-VNWHvZ4lh-cSCSj-9lQTDzaNgtacVNaap_pki9ljxoQUc-Gkpv02CyMe4lbrL08HcJDj9LEnlt0GrvhxOI0th1AdutUj-AV063V7rwHHa9fU
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 16:11:19 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 31 Jan 2022 16:11:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F02F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgKJ88c954SleaGzlXuUQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1

43 B
894 B

42ms
41ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNW8g8O987sZ7Pw4aHOxqkNgFj3yrtAKIYvRmfVBXZ4lkfYIzd01sT51CGn7ErlxrypNwK-VNWHvZ4lh-cSCSj-9lQTDzaNgtacVNaap_pki9ljxoQUc-Gkpv02CyMe4lbrL08HcJDj9LEnlt0GrvhxOI0th1AdutUj-AV063V7rwHHa9fU
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 16:11:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2JS0BMlNQKysCWZbGzxdw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F02F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKF7I7IzdKwXuPikEPAw7nc&google_cver=1

43 B
1008 B

21ms
20ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKF7I7IzdKwXuPikEPAw7nc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNW8g8O987sZ7Pw4aHOxqkNgFj3yrtAKIYvRmfVBXZ4lkfYIzd01sT51CGn7ErlxrypNwK-VNWHvZ4lh-cSCSj-9lQTDzaNgtacVNaap_pki9ljxoQUc-Gkpv02CyMe4lbrL08HcJDj9LEnlt0GrvhxOI0th1AdutUj-AV063V7rwHHa9fU

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 66681474-b982-4f24-8a5e-2ba138ddbce6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKF7I7IzdKwXuPikEPAw7nc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F02F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMDY1NDAxMTM5MDkwMDA1MQ%3D%3D

170 B
188 B

57ms
57ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMDY1NDAxMTM5MDkwMDA1MQ%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: da68b1ef-73b1-4b71-a038-e96fa083ac2d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMDY1NDAxMTM5MDkwMDA1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E024 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 167965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame 8016 55 KB
18 KB 20ms
20ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229118&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jyqFVsrnUJQdCTjfV6atqW&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 8016 2 KB
1 KB 462ms
28ms Script
text/javascript 34.149.12.213

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_751130675231&jsTagObjCallback=__tagObject_callback_751130675231&num=6&ctx=1828362&cmp=115845&plc=4229118&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=751130675231&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=1.90&dvpx_strhd=1.90&brid=3&brver=97&bridua=3&dup=null&turl=https://imgbb.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jyqFVsrnUJQdCTjfV6atqW&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau_bh6hccd5g_b4a_hh2ea53hfcd7cfh4a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=13.90&callbackName=__verify_callback_751130675231
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc498913be8190d3a86dc280c0c21afb400244e337e4eef8b05ef31d3f7cff31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:11:19 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 01/30/2022 16:11:19

GET
H3 200 OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Show response
pagead2.googlesyndication.com/bg/ Frame E024 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 16:01:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E024 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx46EJwr4YdjjBJO-3gP01IUoAAAAADgB4AQC&bg=!GBulG1_NAAY6OBv_Ojg7ACkAdvg8Wp-8iKMr6N1v-YWpObReodZvtZKwR8KWYD3YJWG-zPdDqAC0rAIAAAB9UgAAAAJoAQeZAxV1Bi_L5nUBjQHecXFNjQAUiihdocF5qnC4JMfpWCfNifZLOewrLWfWfIUKejllRSz4hyzoO1LXVFet_3YDAW4trcx42854k0kY-S72xQ9DMZ96rwDnTHMVtqjp5tcHaosfS05CA_Ypl7Jl4K4rYWQTSid5QcXsHxTKuYFkSmolW-z-VVaMNnqUCR31NpbhtA1wqCedvMHYSiiGDOG2b5lcY_mt55IH-0o1eyoAAuvWDdinRDmzQu0M_kvG4T8qSrulADk9U-KYoCfdQZlWYoumE4Yz-MVwGSXANGARf0uWcL9f0q4yRJlQZjtmTCR98CvwA9ZFgIxiinIiBaaLMAkRVfGyjvbJoc4XBZ_QGEUF8_PqgxSHLrulU5z3KptU_w5jxVBBhXp9HEwSaADDRFB6pTGw3dG8hH-FmUuOp-r4_bYRRNUFJnvX0G2ubwPZBtyhWR3qj-FgMDXYdxDZ5cCZ5YLe8Sh09gMESBMGT4GulLhkcJ4cYtZN4LeexLkeEy8Ymt1cyzpElHmr-0_NLep3ElUrt10Zk37GZ4JjNWutBFZax0jMVJ_oOLuu-1W3BbSjOULS53lfRgbmcasH3CStBlKoWtbxBpy_A3GlVqn-SBXol4ucihK1NhHHmHBuzhr-tO5Kt_90FMJmu18KZCEE9qmZF3G4eyfypiBYl2SlQAwUfIpxxNRc7Y3m0jlAOpd2OC3_C6FT1rRpoDBWtPgzZSW8HJ_4h7fwCechJxmF4N8IfsYvJmGOTnrzuYlU42oe56SIQbuUzsjDd_J8ISz8LkOHNyy_gRtB7JTBUn0m_MiWl7-2569jf4tBIii2gAf1sGBZGZujSaKwRzPIyzJAR-fPoK56EKZmecP6Yb9LAViAfLE0vzczno21E_VZApVDp-yt4ipWCpRtSfLyT5IUjwfOVAac3FPqzGsEJ-AwpGTzbFU9-r6HF9mIRvWZz-Pu9kKfnxj3vCP28DzWs30KbyofDnT6P5JQVJgpbuyQ52dPRU29cji6j39jcflX1G42SunGTOmNb2brz0mWxwJWH8LBsoY

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8016 10 KB
5 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 31 Jan 2022 17:09:41 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame 8016 41 KB
17 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:58:52 GMT

GET
H2 200 B9689862.280630144;dc_ver=84.245;sz=728x90;u_sd=1;dc_adk=1964084963;ord=hh4a2d;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2F... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 8016 41 KB
21 KB 319ms
90ms Script
text/javascript 142.250.185.198

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;sz=728x90;u_sd=1;dc_adk=1964084963;ord=hh4a2d;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=W)51WkWVb1;sttr=51;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d101bdfb4bf7198e09c6d05f0f11463e10b5746901ed57e44fc8ecd1cc35a022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20731
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzUwfi1+LX4tfi1+LX4tfi1+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTM1MCZzc2lkPX4xJmFjdD1nX2V2X2ltcHZ+LX5nX2V2X2ltcHZfbGx2X... 38 B
206 B 19ms
19ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzM4fjY4MTMzNn42ODEzMzh+NjgxMzUwfi1+LX4tfi1+LX4tfi1+NjgxMzM2fjY4MTMzOH42ODEzMzZ+NjgxMzM4fjY4MTM1MCZzc2lkPX4xJmFjdD1nX2V2X2ltcHZ+LX5nX2V2X2ltcHZfbGx2XzB+LX5nX2V2X3NyZW5kfmdfZXZfc3JlbmRfbGx2XzB+Z19ldl9zcmVuZF9uZX5nX2V2X3NyZW5kX25lX2xsdl8wfmdfZXZfc3Jlc3B+Z19ldl9zcmVzcF9sbHZfMH5zbG90X2FkbV9yZXBseX5zbG90X2FkbV9yZXBseV9sbHZfMH5zbG90X2ltcF92d2Jsfi1+c2xvdF9pbXBfdndibF9sbHZfMH4tfnNsb3Rfcm5kcmRfY29udGVudCZ1cmw9fmltZ2JiLmNvbSZ2Y250PTE3Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2VvZDFqdm5xY2dpYW13eXM/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 98389cb94e77e7b550055a531617c7d627831192fdad5f95f0d0f499108c29bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:11:20 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 8016 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;sz=728x90;u_sd=1;dc_adk=1964084963;ord=hh4a2d;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=W)51WkWVb1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:10:22 GMT

POST view
googleads4.g.doubleclick.net/pcs/ Frame 8016 0
0

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame 8016 24 KB
0 134ms
43ms Image
image/jpeg 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:56:51 GMT
x-content-type-options: nosniff
age: 515669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 16:56:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CFB7 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 167966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements2105.js Show response
cdn.doubleverify.com/ Frame D748 501 KB
92 KB 24ms
23ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2105.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:11:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 14:22:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0c2a3c5e415d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94006

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A12A 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
URL: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 9908
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8016 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 787a3c23b3d56ddfb8c7f217b36b9ba58c73f03d09d1468d08a0346c69bba006

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js
pagead2.googlesyndication.com/bg/ Frame CFB7 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 16:01:43 GMT

GET visit.js
tps.doubleverify.com/ Frame D748 0
0

GET i.match
a.tribalfusion.com/ Frame A12A 0
0

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame A12A 0
0

GET dot.gif
s0.2mdn.net/ Frame A12A 0
0

GET dds
rtb.openx.net/sync/ Frame A12A 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ

Domain: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwfhnrnamb95h400jr4pcd66q4bpy4s1t3tm2yvsjeayh5926wnhxmv0pb7ecfa37st2994cn3axthxt5ds5sgwtxksthfwe7b2tkj7p1qcjhshe020qrqe2t51new2m5gevvhv1e4c1n8rbpv3nx3dtkxarches0mm6whcn8j18m2qaddqtt13wgh9nr303bc7t4btbarza5kk9ksfxqd0tvk04t4phvda7d6eqc035sr4kx14cvfeqjxdy0mh6spxg9m6rbqj93hf79tqb3d1kq37mzzynmf36901brj92t9ajwkzr%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidim6w0TF8C0ivIHL3tNdQ5-NHAdoErYSTasuid__suite_Netmix_Reach09_PRIVATKREDIT

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6m4V_k7w5T6I76Z16N24H4CG7sOBdbcBurr-jXsOXRb4LM7t9NiPXCFSJVO_tmhfSrrYilIk8OdpwsvXKs1AYiRcTUU0Na3QCyLJS4wz1F34eTd5Ne05l7vCeTuwHtAr8w2jamLGJV_AM&sig=Cg0ArKJSzA04fbqlK0AfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20220126.60359&adurl=

Domain: tps.doubleverify.com
URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=79&ttfrms=35&brid=3&brver=97.0.4692.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau_bh6hccd5g_b4a_hh2ea53hfcd7cfh4a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1643645480447845&jsCallback=dvCallback_1643645480447504&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2105&tgjsver=2105&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=5&brh=2&sdf=2&dvp_epl=203&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://imgbb.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jyqFVsrnUJQdCTjfV6atqW&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=478542550305.8594&dvp_tukv=75325324.5175841&dvp_uuid=393895714.0552697&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1522592104500

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBSdudvQKWibtOEdYllW_xA&google_cver=1&google_push=AYg5qPL1AX-HqJuH1HEkjntWT8pwKEvZk20lPxZojeBxeU-mM6VQTNFUhFJCAaznJ273-5VgMVRzhKWZFpLtIC7Dq7h8GoA_O_Lo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL1AX-HqJuH1HEkjntWT8pwKEvZk20lPxZojeBxeU-mM6VQTNFUhFJCAaznJ273-5VgMVRzhKWZFpLtIC7Dq7h8GoA_O_Lo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKXyymx16onhpjNKEI91EPU&google_cver=1&google_push=AYg5qPK-yKZ89eJbVp9DnW4PqiXUyWF9lc5ZJQ51btnF_KrRlgaQCxl8MX882MQt4fnCe4mt9X-95MoemBTwjxDx389YY0ACo_U

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/dot.gif?google_gid=CAESEJj2bDfhQDdxr9_UOW0XaLc&google_cver=1&google_push=AYg5qPLze0dGbv6_AJQQD7af_O8gGWVONX4kgh55ZLLGGDKsN3_e2_WIxOCuNt4liVb2ODTYB8z0vJ0SJ1kafYRuErPkYrZWEpc

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEpTS9sbYw_v12tlXhYfSfI&google_cver=1&google_push=AYg5qPLzhXf_cm8_Dpy0Yk853rZzVwdSjSnqkvWBmLS-WZ69k4bZeBPK5O6Ph7pMqe1h5LX45AMv8PnQdJYe8BFnOhH5dtO26ONw

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgbb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 50ihs4kak67t1gn6nv3ihg97qs
.imgbb.com/	1970-01-20 09:55:41	Name: __gads Value: ID=d9fdb0151c2e1214:T=1643645476:S=ALNI_Mb-60xPqp8mqT6gBjgiaqEpsK75GA
.quantserve.com/	1970-01-20 02:43:41	Name: d Value: EBcBCQGqJYEA
.quantserve.com/	1970-01-20 10:04:19	Name: mc Value: 61f80a25-ef9ed-5ace1-b89ff
.yahoo.com/	1970-01-20 09:20:03	Name: A3 Value: d=AQABBCUK-GECEK0xMLX07HFIKQhl6hT86LgFEgEBAQFb-WEBYgAAAAAA_eMAAA&S=AQAAAtfCGclJieuG-lO-VNdYnkU
.adform.net/	1970-01-20 01:14:24	Name: C Value: 1
.doubleclick.net/	1970-01-20 00:34:09	Name: DSID Value: NO_DATA
.analytics.yahoo.com/	1970-01-20 09:21:07	Name: IDSYNC Value: 18yx~22z4
.adform.net/	1970-01-20 02:00:29	Name: uid Value: 5577179143176241570
.turn.com/	1970-01-20 04:53:17	Name: uid Value: 2444883415817265945
.1rx.io/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8d9ee016-8f87-46a7-babe-0dbeda5da5e6-005%22%7D
.medialead.de/	1970-01-20 09:19:41	Name: trscj Value: MTY0MzY0NTQ3OHxMM1J5WTJzdlpYQjJMekpoWldRek9UZzFOV0kxWmpRMllqZGtPVEJtT1RVNU9EWTNZbVUyTUdZNFAzUTlhSFJzY0NaemRXSnBaRDF2Ym1WcFpGSkJNbWhuWmxGbVJEUndWR3RJZDBnemRGRjBTbWRFVXpsVGVsUnhlRlJIT1hodmJtVnBaRjlmWVhOMWFXUnBiVFozTUZSR09FTXdhWFpKU0V3emRFNWtVVFV0VGtoQlpHOUZjbGxUVkdGemRXbGtYMTl6ZFdsMFpWOU9aWFJ0YVhoZlVtVmhZMmd3T1Y5UVVrbFdRVlJMVWtWRVNWUW1aMlJ3Y2w5amIyNXpaVzUwUFNablpIQnlQVEFtWjJSd2NsOXdaRDB3fFRrOU9SUT09
.awin1.com/	1970-01-20 00:44:10	Name: awpv14098 Value: 412871\|1643645478\|6c945c40-82b0-11ec-afda-2235ec938b8e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519498
.targeting.unrulymedia.com/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8d9ee016-8f87-46a7-babe-0dbeda5da5e6-005%22%7D
.doubleclick.net/	1970-01-20 09:55:41	Name: IDE Value: AHWqTUkrhumsQLWqxZgGuvcAjrSbH-ojw78hnLcGFor9l_pZOCOwJ7ov3PYlz5TffKA
pb.media01.eu/	1970-01-20 18:05:17	Name: DTU Value: D88A307419905DA0419E7A2E548239F1
.adnxs.com/	1970-01-20 02:43:41	Name: uuid2 Value: 5430654011390900051
.adnxs.com/	1970-01-20 02:43:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?eM`mM!]tbPl1M>e)ZlrFUfJ+tGXxpOW'8L0F5xm8KxqD6F!zO-E'Cpp_KC$`(/Sx+bpRzqF1`b_63%Taz
.casalemedia.com/	1970-01-20 02:43:41	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 09:19:41	Name: CMID Value: YfgKJ88c954SleaGzlXuUQAA
.casalemedia.com/	1970-01-20 02:43:41	Name: CMPRO Value: 1133
.casalemedia.com/	1970-01-20 09:19:41	Name: CMRUM3 Value: 2d61f80a272760
.casalemedia.com/	1970-01-20 00:35:31	Name: CMST Value: YfgKJ2H4CicA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPI5KQMkmGxf4LpXiTXju6IBvphdqgxFK2oaUT5g6_ypUYYZZQiCM8lEJL4QdwJnYGB9ygwzp4ll4xpTHLanBClGvVgy4eQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

039e9445d803c2099a62db9745f479c2.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ampproject.org
cdn.doubleverify.com
clickiocdn.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imgbb.com
match.adsrvr.org
pagead2.googlesyndication.com
pb.media01.eu
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
s.clickiocdn.com
s0.2mdn.net
securepubads.g.doubleclick.net
simgbb.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tps.doubleverify.com
track.ctraxlive.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.google.com
www.googletagservices.com
a.tribalfusion.com
cm.g.doubleclick.net
googleads4.g.doubleclick.net
rtb.openx.net
s0.2mdn.net
sync-tm.everesttech.net
tps.doubleverify.com
track.webgains.com
104.111.239.217
142.250.184.226
142.250.185.198
145.239.193.130
184.87.213.8
185.33.220.243
199.127.204.142
2001:678:cb4:bbbb::11
216.58.212.130
2600:1901:0:76b9::
2606:4700:20::ac43:444e
2606:4700:3032::ac43:83fb
2606:4700:3039::6815:c06c
2606:4700:3039::6815:c06d
2620:112:f006:bbbb::12
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a02:26f0:b600:1af::4469
3.126.56.137
34.149.12.213
35.184.189.178
37.157.4.29
46.229.170.2
52.223.40.198
88.198.250.30
95.211.66.34
95.211.66.35
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
087a09aebaa57fc895410be67462db1cb8934bcff86416d4027a771bd31a5f5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14a173842739bb7112058f3410f64e914aff8fd6efc15283978b402d2548e840
153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022
16c44eff08ff2861faffa3aa6ab0cd92d0298c34874c1599a148f3effc915687
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
1e41d3d56f407f00fb9cdc83f6fd0acf97a4a857f6d28fcb6af7359cc12d8fdb
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
27097228d35eb109bd2217aef8374f0c753785dffb65ec9cae66f2f9c2c3eab6
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
288be5a2f9b7174960e30363a72e97a3b2e197ee7929b5c602fb556e90d3c03d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28fb6ea2249ab067f2bd52fc7fc094c99a0bd481f980d9de7b72da457632aafe
2d7557b9c35de325ecfb6c7d370ad6b1052b9ca3e15a98a697a56468bad67582
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
34c2a26150382e4fc80e211055d9ba94d0479cf624d346b4956f82a337d6e583
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38b0c5c01dd1922d48ca7c31f59d911d512bdc60233f62fd39e65e7d502a0dd3
390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3ce0a8539d0566c04b97f68127e30b6be033e9cc048854b868dad28d825e8f05
4027e1755e07b96e9daec4616ca15065711b339c24caf3f9afab629c92dbf970
42b3390277835c717720901d31308e464aff9c5f9978dda7072e26b9c49d7a7e
43df56cde6df434b4e0f750aa7136bdb21d508c85baa4e8c64adf0459ea4a82a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51ef1ae4eca7657d4a5af2b28ccadc2eb5124e46784005b6b126a74d8e9aee51
524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5641c9d93d2e75e118979d29957d740a6191fbc245b1efeabd68c992ef93eb1d
57c19f0410368388249f9203188efa86c08e4aa4908641e1175dc5a25cd87d54
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
787a3c23b3d56ddfb8c7f217b36b9ba58c73f03d09d1468d08a0346c69bba006
7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2
7f6c1f7ac193d1349f42629c67de019d0a9b66d0f4637a38b48d53207dc7b2db
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
864f84325c46869cf4545ec43741c7e1d7c9404e070fd85c83d29af41ab1f310
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
881673e60d61362db401af4c8ebe298f410b4491319156165a72e529b15a5854
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98389cb94e77e7b550055a531617c7d627831192fdad5f95f0d0f499108c29bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cc858146af805c9c9343a37774c11153b6e5395999d51084e5965fdfbbc2a0
a95d08357a5030c6bbaa579eab19f6840bdc6857b7b782be846f11a80979f5fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8
bc498913be8190d3a86dc280c0c21afb400244e337e4eef8b05ef31d3f7cff31
be376c190687f9f1a77f8fc6d07b133ff6d58c89d0a5e315abeda873db28434e
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c70d51c6f7cf369540b05afe302bddf2b590edcdd4e84652b9eba8c5a93cd241
c9834d7254b386ba2ac2fe7d80d5dc7e627e8dac820f2337512babd3c8977c8f
cec20ab27ca6051869b184ef25fd4ee4158b8278cbdc5d4aee34d4b142d20398
d101bdfb4bf7198e09c6d05f0f11463e10b5746901ed57e44fc8ecd1cc35a022
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d7f27868c74ff3a046ce914abc73a2917d7127005e2b2a0d7ae27b72f013d294
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
e05ab725067bde4cc5f93ef913f8765ac845fab22ff971ecd9256a872cb43b65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6c2175f9baeac23e02b043a9ac02c09e07a7cba196fce75cae634315d5bd66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f034595b43700439cfa7196a570ade8ea95de489de7065a90a829ab53c380495
f2764c6c8f6164573b51494e8785e5ad1c9126c0ef75c8e4fb587a9f9c445a61
fc7f3dfe9ae1dda7006736f8f5a8671565609dfe6b48d8e9a06a1fc64f1c9cfb
ff2d5f167e4c8ab420e83be245d002bb7d165f1ee0c60ba1f07e75e88fb01d3c
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

imgbb.com Open in urlscan Pro 46.229.170.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

86 %HTTPS

51 %IPv6

30 Domains

44 Subdomains

30 IPs

7 Countries

1721 kBTransfer

3812 kBSize

24 Cookies

34 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

86 %
HTTPS

51 %
IPv6

30
Domains

44
Subdomains

30
IPs

7
Countries

1721 kB
Transfer

3812 kB
Size

24
Cookies

133 HTTP transactions
3 data transactions