54321.video Open in urlscan Pro
2607:f1c0:86e:9300::35:242a Public Scan

URL: https://www.minds.com/landmanrealty/

URL: https://wisconsin-wi.com/wisconsin-wildlife.html
Title: Wildlife Videos

URL: https://thelandman.net/
Title: Property Tours

URL: https://thelandman.net/wisconsin-public-land.html
Title: Public Land

URL: https://wisconsin-wi.com/wisconsin-state-parks.html
Title: State Parks

URL: https://wisconsin-wi.com/trail-camera-videos.html
Title: trail camera videos

URL: https://wisconsin-wi.com/underwater-camera-videos.html
Title: Aquatic Underwater Life Videos

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://54321.video/ HTTP 301
https://54321.video/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg-tStAxCoAhioAjIItbNy4rp_Ya4 HTTP 301
https://tpc.googlesyndication.com/simgad/6860921938230782715

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmQJv-SY6AQDT5R-81H5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

Request Chain 171

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmQJv-SY6AQDT5R-81H5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

Request Chain 173

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

Request Chain 185

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECEoFEXpY14B1mZ9EnbK6oo&google_cver=1&google_push=Aa02lx9T7Wt42da68tGTHVBLOSGCvDykUZ8ePH5krSw-HnNMzxNalrNqa8A87qaVwwKXWBGulxj1weXID4lyd6_0H-Rld-ZOCXcd_gwEHGnqb58XPANw7_QRtQ9_DnKE3LFZ47CZqwQ3-kPL-S9_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1MjA2MTQzMjU1OTUxNDU1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4gozQkpTDKHrK0uJJCVVk&google_cver=1

Request Chain 188

https://d.agkn.com/pixel/2175/?google_gid=CAESED6H714zjglXdaBFxxHYZ9M&google_cver=1&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9iOgIxR6-h8DWGwwL8tNqHExXz7Y885MSOlHa__01GgjqpDis HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9iOgIxR6-h8DWGwwL8tNqHExXz7Y885MSOlHa__01GgjqpDis&google_hm=Q0FFU0VENkg3MTR6amdsWGRhQkZ4eEhZWjlN

Request Chain 190

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_cver=1&google_push=Aa02lx_lwuJ0w3w2RHeYw9j6wOMcKXCQ30bRcpyqZRYw8kQqlgaSty7qMuJmP0eewq4itXkzXYLWhWVmtjoRQeg41iAXZJAcqSlGoQSXh9Gd_hvV6bjTeODln4c_p_FBOfPgQBJXqvR-VBKYr2sJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx_lwuJ0w3w2RHeYw9j6wOMcKXCQ30bRcpyqZRYw8kQqlgaSty7qMuJmP0eewq4itXkzXYLWhWVmtjoRQeg41iAXZJAcqSlGoQSXh9Gd_hvV6bjTeODln4c_p_FBOfPgQBJXqvR-VBKYr2sJ

Request Chain 217

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBtiu_rFx5PDtv11EJkd6DI&google_cver=1&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb92EiH3jCw7ef_y9PK6vpUizUcyJAChmkNPwtdhYkEn HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb92EiH3jCw7ef_y9PK6vpUizUcyJAChmkNPwtdhYkEn&google_hm=jsK_Zb2B0TeP78fO5JP5JQ

Request Chain 218

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gokka_pNzl3GrJgGrxwRo66ZSoaBBpUhw&google_gid=CAESEGLnSj_yVf1e-53yOU50AMI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gokka_pNzl3GrJgGrxwRo66ZSoaBBpUhw&google_gid=CAESEGLnSj_yVf1e-53yOU50AMI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDkwNzUyMDgwMDAyMjI4MTM4OTAxMg%3D%3D&google_push=Aa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gokka_pNzl3GrJgGrxwRo66ZSoaBBpUhw

Request Chain 220

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAoEV3rE-xn_iBAGUReHIps&google_cver=1&google_push=Aa02lx_W-IR4JCZwI6e49WSYZf63yHSrFrWDrxuUBrxIFc-k2Z7vuK_pwk1r4dckn1M6O_OCLPYgOzRZDkzv96jRv5_POnK8b5DA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAoEV3rE-xn_iBAGUReHIps&google_cver=1&google_push=Aa02lx_W-IR4JCZwI6e49WSYZf63yHSrFrWDrxuUBrxIFc-k2Z7vuK_pwk1r4dckn1M6O_OCLPYgOzRZDkzv96jRv5_POnK8b5DA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZBimibiqTxqtx-KWqokocw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_W-IR4JCZwI6e49WSYZf63yHSrFrWDrxuUBrxIFc-k2Z7vuK_pwk1r4dckn1M6O_OCLPYgOzRZDkzv96jRv5_POnK8b5DA

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKF3XooG318Tt2F4UPw8LRI&google_cver=1&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4pV6RJQHLGMpijo9ye94Nk7Jsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwVDlETkMtMjUtQ1JRMg==&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4pV6RJQHLGMpijo9ye94Nk7Jsh

Request Chain 222

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_cver=1&google_push=Aa02lx-o3w8cSNkqQ8Pf8SRLaFJ0wFtLO6dYbTLgURaDxXtu5IS6tMEylp2TQc9pmMkrT8Hzht0GVvCavdzTBigzPMpdmXooUQo HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx-o3w8cSNkqQ8Pf8SRLaFJ0wFtLO6dYbTLgURaDxXtu5IS6tMEylp2TQc9pmMkrT8Hzht0GVvCavdzTBigzPMpdmXooUQo

236 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
54321.video/
Redirect Chain

http://54321.video/
https://54321.video/

74 KB
15 KB

2131ms
1884ms

Document
text/html

2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 22f3d9c58b3e4d0ef3ac9f3a465816522f870a84ae6478c97e2b984e07525163

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 14950
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 07:52:03 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
link: </media/com_jchoptimize/cache/js/7b20878c84bae92c1649191c7632b55e.js>; rel=preload; as=script,</templates/rt_interstellar/custom/images/54321_Video-Logo-loop.gif>; rel=preload; as=image,</templates/rt_interstellar/custom/images/1-Sharp-54321_Video-Favicon.jpg>; rel=preload; as=image,</templates/rt_interstellar/custom/images/1-Sharp-Gab-Icon.jpg>; rel=preload; as=image,</templates/rt_interstellar/custom/images/1-Sharp-Minds_logo.jpg>; rel=preload; as=image
pragma: no-cache
server: nginx
vary: Accept-Encoding,User-Agent
x-mod-pagespeed: 1.13.35.2-0
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 09 Mar 2023 07:52:01 GMT
Location: https://54321.video/
Server: nginx

GET
H2 200 7b20878c84bae92c1649191c7632b55e.js Show response
54321.video/media/com_jchoptimize/cache/js/ 88 KB
30 KB 133ms
132ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/media/com_jchoptimize/cache/js/7b20878c84bae92c1649191c7632b55e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bf768cbc304376ecab5c6802ed79b678e3c4ebf1b218223216a53ad29f7cb93d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
content-encoding: br
last-modified: Thu, 09 Mar 2023 07:52:03 GMT
server: nginx
etag: W/"64099023-15e60"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 54321_Video-Logo-loop.gif
54321.video/templates/rt_interstellar/custom/images/ 758 KB
759 KB 250ms
250ms Image
image/gif 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/templates/rt_interstellar/custom/images/54321_Video-Logo-loop.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e6c654d41ef00e7f8217613eada70f0c719e8c219160d638b09811af90285736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-bd7cb"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 776139

GET
H2 200 1-Sharp-54321_Video-Favicon.jpg
54321.video/templates/rt_interstellar/custom/images/ 13 KB
13 KB 228ms
226ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/templates/rt_interstellar/custom/images/1-Sharp-54321_Video-Favicon.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8b082ebeabfb3d05b02b5b6f1ea59780900a8a499ebbc327697fa9c664068325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-3212"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 12818

GET
H2 200 1-Sharp-Gab-Icon.jpg
54321.video/templates/rt_interstellar/custom/images/ 11 KB
12 KB 229ms
227ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/templates/rt_interstellar/custom/images/1-Sharp-Gab-Icon.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3332223cefb45c150c5b6c384d64c06b35b093d9922274024a0576de7bd6616f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-2db0"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 11696

GET
H2 200 1-Sharp-Minds_logo.jpg
54321.video/templates/rt_interstellar/custom/images/ 10 KB
10 KB 233ms
232ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/templates/rt_interstellar/custom/images/1-Sharp-Minds_logo.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b56d85a077c6910339bce65223b8d356bf3679f6da9a889b54be3d2acae8caf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-2708"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 9992

GET
H2 200 7b20878c84bae92c1649191c7632b55e.js.pagespeed.jm.Lohu4Ufr52.js Show response
54321.video/media/com_jchoptimize/cache/js/ 88 KB
31 KB 259ms
258ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://54321.video/media/com_jchoptimize/cache/js/7b20878c84bae92c1649191c7632b55e.js.pagespeed.jm.Lohu4Ufr52.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

bf768cbc304376ecab5c6802ed79b678e3c4ebf1b218223216a53ad29f7cb93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 07:52:03 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=300,private
accept-ranges: bytes
content-length: 30988
expires: Thu, 09 Mar 2023 07:57:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 128ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f7e10c1994813b9a7f73e5fc51ab9f58919ec711a84525e0a51b862783060f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48569
x-xss-protection: 0
server: cafe
etag: 2894307678585890363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:03 GMT

GET
H2 200 sawidget.min.js Show response
ebads.net/media/com_sa/js/ 2 KB
763 B 832ms
119ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ebads.net/media/com_sa/js/sawidget.min.js?dccd2068c386261da37dddbd90742d05&ifheight=175&ifwidth=900&ifseamless=1
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d55c3bfffcfd521894472171dd8e06db4e52513db324b34b80d0e44e9b136740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: br
last-modified: Fri, 19 Aug 2022 00:43:30 GMT
server: nginx
etag: W/"62fedcb2-600"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6253689186017899

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7629665ea05398d731bb8c5ba34e63f42b7c3042c81574f1893a6ed73d738700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Origin: https://54321.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48552
x-xss-protection: 0
server: cafe
etag: 17525494765148971106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:03 GMT

GET
H2 200 54321_Video-Logo.gif
54321.video/images/ 758 KB
759 KB 234ms
233ms Image
image/gif 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/images/54321_Video-Logo.gif
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 994d97fc87d58c4814f0a82222c3512cfc2d5323d1f54e33e43f075e55723251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:41:49 GMT
server: nginx
etag: "61cd004d-bd7b8"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 776120

GET
H2 200 main.js.pagespeed.ce.z_b8YumfCP.js Show response
54321.video/media/gantry5/assets/js/ 60 KB
17 KB 450ms
448ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/media/gantry5/assets/js/main.js.pagespeed.ce.z_b8YumfCP.js
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 79694561bccb05538507cf4d4f5c53b0ee2c51bbedf152a435c3f60cd52cdb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 20:32:37 GMT
server: nginx
x-original-content-length: 61372
etag: W/"0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 16655
expires: Fri, 08 Mar 2024 07:52:03 GMT

GET
H2 200 Lato-Regular.woff2
54321.video/templates/rt_interstellar/fonts/lato/lato-regular/ 178 KB
179 KB 252ms
251ms Font
font/woff2 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/templates/rt_interstellar/fonts/lato/lato-regular/Lato-Regular.woff2
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://54321.video/
Origin: https://54321.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-2c9b4"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 182708

GET
H2 200 Lato-Black.woff2
54321.video/templates/rt_interstellar/fonts/lato/lato-black/ 173 KB
173 KB 250ms
250ms Font
font/woff2 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/templates/rt_interstellar/fonts/lato/lato-black/Lato-Black.woff2
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 34bb46634d07ac579411823eb39fac1376b012257460066a98b95075d086ccdd

Request headers

Referer: https://54321.video/
Origin: https://54321.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:03 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-2b26c"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 176748

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6253689186017899&plah=54321.video

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

129beb6aa66a3a66deb0d2d19ad15bb45e2c031d4201c8811438acf068b58271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121465
x-xss-protection: 0
server: cafe
etag: 4784876009641650218
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame 1016 10 KB
5 KB 83ms
19ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 09:47:35 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 09:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
600 B 40ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=54321.video&callback=_gfp_s_&client=ca-pub-6253689186017899

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6253689186017899&plah=54321.video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84bec621b10ece0304c569133607477763fc4d31fe5d840a78dc6432a4fd9627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 69ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 57ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B54 423 KB
86 KB 1211ms
1207ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&adk=1812271804&adf=3025194257&lmt=1678348324&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2F54321.video%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324029&bpp=8&bdt=652&idt=225&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6717609331106&frm=20&pv=2&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3114dc8aa1184bbf746b576ed280be1551953b7b6767bb36130b50cbd36d370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 88154
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:05 GMT
expires: Thu, 09 Mar 2023 07:52:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DCB 100 KB
34 KB 1299ms
1299ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&adk=1993245050&adf=3798025913&pi=t.aa~a.2579648965~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&to=qs&pwprc=3495258229&format=1200x280&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324037&bpp=2&bdt=661&idt=248&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Baz75EuCoV&p=https%3A//54321.video&dtd=253

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caff0cc077d406a5d9399b85f5b09038d1a7d51a46d16b80fbcdbb40d37e7c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:05 GMT
expires: Thu, 09 Mar 2023 07:52:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.php Show response
ebads.net/ Frame 1B2F 1 KB
2 KB 2554ms
2554ms Document
text/html 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
Requested by: Host: ebads.net
URL: https://ebads.net/media/com_sa/js/sawidget.min.js?dccd2068c386261da37dddbd90742d05&ifheight=175&ifwidth=900&ifseamless=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 22f30d1134450f535931b10804c7317c5f9dfb2e101932bfd13dfc18e39f7e23

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 07:52:07 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Thu, 09 Mar 2023 07:52:07 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

GET
H2 200 fa-solid-900.woff2
54321.video/media/vendor/fontawesome-free/webfonts/ 76 KB
77 KB 125ms
124ms Font
font/woff2 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/media/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://54321.video/
Origin: https://54321.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Sat, 18 Jun 2022 13:54:40 GMT
server: nginx
etag: "62add920-131bc"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 78268

GET
H2 200 Lato-Bold.woff2
54321.video/templates/rt_interstellar/fonts/lato/lato-bold/ 181 KB
181 KB 128ms
128ms Font
font/woff2 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://54321.video/templates/rt_interstellar/fonts/lato/lato-bold/Lato-Bold.woff2
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://54321.video/
Origin: https://54321.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:43:17 GMT
server: nginx
etag: "61cd00a5-2d250"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 184912

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 21ms
20ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA7A 125 KB
38 KB 1454ms
1453ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&slotname=5234299869&adk=284956235&adf=3005832069&pi=t.ma~as.5234299869&w=850&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&format=850x280&url=https%3A%2F%2F54321.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324689&bpp=8&bdt=1312&idt=8&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0oZ0YRm1We&p=https%3A//54321.video&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce44b92d83b4e907921f1e0a9e8ee0182f0b1d8ec82f79fe4d9175c5fb595c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
expires: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 matomo.js Show response
website-wi.com/piwik/ 64 KB
20 KB 576ms
117ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://website-wi.com/piwik/matomo.js
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: br
last-modified: Thu, 20 Oct 2022 15:12:22 GMT
server: nginx
etag: W/"63516556-10132"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 D-800X533-Big-Opossum-Living-in-Shed-Winter.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 186 KB
186 KB 121ms
121ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-Big-Opossum-Living-in-Shed-Winter.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 04ba8d7cfb43e307534ed0311519229a67a5a5de05792776c56fb7e0c7316b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 03 Mar 2022 18:19:40 GMT
server: nginx
etag: "622106bc-2e78e"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 190350

GET
H2 200 rdjibaysidelandmanmarked00085f36f2bf84912.jpg
54321.video/media/com_allvideoshare/videos/2020-08/ 605 KB
606 KB 202ms
201ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2020-08/rdjibaysidelandmanmarked00085f36f2bf84912.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 994928fccc4d1854f3e563d3ff79f1c804396846d7d9a9fb5d9d8d36bccf9e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:40 GMT
server: nginx
etag: "61cd0080-9740f"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 619535

GET
H2 200 D-800X533-Bobcat-Walking-Past-Trail-Camera-NICE-Day-3-11-2022.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 375 KB
376 KB 262ms
260ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-Bobcat-Walking-Past-Trail-Camera-NICE-Day-3-11-2022.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dcb8cc2e81ec327a94433f828d4af897d3b67148d0a59f57b7fa59c09fecf712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Fri, 18 Mar 2022 14:47:52 GMT
server: nginx
etag: "62349b98-5dd25"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 384293

GET
H2 200 d800x533cltimbershoresimg41025deadf148ad8d.jpg
54321.video/media/com_allvideoshare/videos/2019-12/ 489 KB
490 KB 335ms
333ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2019-12/d800x533cltimbershoresimg41025deadf148ad8d.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3254a327c2837159e8e91d950d952f20c5839ec8aff29a15ed94d139b7102336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:39 GMT
server: nginx
etag: "61cd007f-7a37d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 500605

GET
H2 200 mommadoefallfawnmainphotomarked5f7a6b6dcca50.jpg
54321.video/media/com_allvideoshare/videos/2020-10/ 450 KB
451 KB 365ms
363ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2020-10/mommadoefallfawnmainphotomarked5f7a6b6dcca50.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e4ce3a897575574f43f8dcf13712c670c25720e9138be6ad9dfa751b10ef4d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:39 GMT
server: nginx
etag: "61cd007f-70898"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 460952

GET
H2 200 d800x533foxtrailcamfull5e9c9fc3c5533.jpg
54321.video/media/com_allvideoshare/videos/2020-04/ 268 KB
269 KB 365ms
363ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2020-04/d800x533foxtrailcamfull5e9c9fc3c5533.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a58378b586b02240617611c3d9431bd2f779b8d1ecd254ad3727a97c661555c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:39 GMT
server: nginx
etag: "61cd007f-4315b"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 274779

GET
H2 200 D-800X533-6-Point-Buck-PLUS-2-Night-1-18-21-DSCF0062.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 185 KB
185 KB 365ms
363ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-6-Point-Buck-PLUS-2-Night-1-18-21-DSCF0062.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 983995f0b176dbed79a19eaaebeb7f7d7101e0cdfac6c2f4e426d94f6d318609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 03 Mar 2022 17:04:17 GMT
server: nginx
etag: "6220f511-2e36d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 189293

GET
H2 200 largemouthbasstaste5e94d63b1e38f.jpg
54321.video/media/com_allvideoshare/videos/2020-04/ 122 KB
122 KB 365ms
363ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2020-04/largemouthbasstaste5e94d63b1e38f.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: fb68ecaaa30ea6f1c6b8429835c57efcd93c0ac4a067905074e784924d929575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:39 GMT
server: nginx
etag: "61cd007f-1e880"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 125056

GET
H2 200 Sell-Your-Property-Logo-NEW-Large.jpg
54321.video/media/com_allvideoshare/videos/2022-05/ 651 KB
652 KB 366ms
364ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-05/Sell-Your-Property-Logo-NEW-Large.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e350d899682e3b6f5e1d529c7af42dc8f5d3bea4740a351f3f71bf6068d8af6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Sun, 01 May 2022 21:55:18 GMT
server: nginx
etag: "626f01c6-a2c47"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 666695

GET
H2 200 D-800X533-CL-Public-Camp-Build-DJI-0003a.jpg
54321.video/media/com_allvideoshare/videos/2022-11/ 474 KB
475 KB 366ms
364ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-11/D-800X533-CL-Public-Camp-Build-DJI-0003a.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e7b61bee354ac5423a6d02338403cd340a102fa305eb939ee93d1c5a051068d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Sun, 20 Nov 2022 22:23:36 GMT
server: nginx
etag: "637aa8e8-769ef"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 485871

GET
H2 200 D-800X533-CL-DJI-0014.jpg
54321.video/media/com_allvideoshare/videos/2022-05/ 498 KB
499 KB 366ms
364ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-05/D-800X533-CL-DJI-0014.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1c8529dbdad66c0c2bfb59aa79a0c2d0026d75a726c8ff5a0c55cf17aca0839b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Fri, 27 May 2022 15:59:29 GMT
server: nginx
etag: "6290f561-7c9e3"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 510435

GET
H2 200 D-800X533-Badger-Big-Top-Den-Night-3-18-2022-DSCF0037.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 285 KB
286 KB 366ms
364ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-Badger-Big-Top-Den-Night-3-18-2022-DSCF0037.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 38814bce072cb1b774f63051448d75b15a5f01aabd8113a608debafe4d8063fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Tue, 29 Mar 2022 17:12:30 GMT
server: nginx
etag: "62433dfe-47540"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 292160

GET
H2 200 D-800X533-Eastern-Fox-Squirrel-Eat-Small-Mound.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 500 KB
501 KB 366ms
365ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-Eastern-Fox-Squirrel-Eat-Small-Mound.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: df94c83ddf4e315164c6c55c349d235e2f3f46eda8202f6479521612b3b993d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Tue, 29 Mar 2022 16:10:53 GMT
server: nginx
etag: "62432f8d-7cfa9"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 511913

GET
H2 200 d800x533clprivatefrontagedji001660e5dad0aa044.jpg
54321.video/media/com_allvideoshare/videos/2021-07/ 568 KB
569 KB 366ms
365ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2021-07/d800x533clprivatefrontagedji001660e5dad0aa044.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f40467c7af57b2a7bae1bb2c4fcc0db450b49474b0a12cd6851ef50a90733f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Thu, 30 Dec 2021 00:42:39 GMT
server: nginx
etag: "61cd007f-8e1f2"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 582130

GET
H2 200 D-800X533-Chapel-Gorge-Trail-IMG-3617.jpg
54321.video/media/com_allvideoshare/videos/2022-03/ 660 KB
661 KB 366ms
366ms Image
image/jpeg 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://54321.video/media/com_allvideoshare/videos/2022-03/D-800X533-Chapel-Gorge-Trail-IMG-3617.jpg
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b57aedd62fce02610dc5f28f8c0176653af619e66482394ab930b667214c6900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:04 GMT
last-modified: Sun, 20 Mar 2022 01:24:08 GMT
server: nginx
etag: "62368238-a4f82"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 675714

POST
H2 400 matomo.php
website-wi.com/piwik/ 410 B
563 B 353ms
352ms Ping
text/html 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://website-wi.com/piwik/matomo.php?action_name=54321.Video&idsite=61&rec=1&r=910527&h=7&m=52&s=5&url=https%3A%2F%2F54321.video%2F&_id=3986dc0fb0186c84&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=nkyhpo&pf_net=247&pf_srv=1884&pf_tfr=119&pf_dm1=1372&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: website-wi.com
URL: https://website-wi.com/piwik/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer: https://54321.video/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://54321.video
date: Thu, 09 Mar 2023 07:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07fd1d8957d5defbff66b5629a8a3f7bf1ea4ef40c3d4cee42a2690b422bf3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52054
x-xss-protection: 0
server: cafe
etag: 5399559924819875450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=54321.video

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://54321.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12F1 21 KB
9 KB 653ms
653ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f01460c045a2eec4bd18390d0508810fa914142a4b4cdc2ce916f1e36769146b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9002
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
expires: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE34 19 KB
8 KB 840ms
835ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5f1f12306c4396fa25e3c6e6505b8f820d076b41babc03ffe4342b43773fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
expires: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame 9DCB 10 KB
5 KB 86ms
20ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&adk=1993245050&adf=3798025913&pi=t.aa~a.2579648965~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&to=qs&pwprc=3495258229&format=1200x280&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324037&bpp=2&bdt=661&idt=248&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Baz75EuCoV&p=https%3A//54321.video&dtd=253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 03:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 03:52:29 GMT

GET
H2 200 e45c0de176f05d0248951c6e560bc486.js Show response
www.gstatic.com/mysidia/ Frame 9DCB 19 KB
8 KB 87ms
21ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64466ba68466bfb5d967c7b2bb77304b6b77aca524614d247f086a2ab8c86de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7808
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 23:49:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9DCB 8 KB
1 KB 127ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 07:27:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9DCB 2 KB
765 B 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 9DCB 6 KB
2 KB 89ms
24ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 09:59:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 9DCB 22 KB
9 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9DCB 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9DCB 20 KB
8 KB 50ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DCB 158 KB
49 KB 68ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 9DCB 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 899A 10 KB
4 KB 23ms
19ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 6E61 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 478D 10 KB
4 KB 21ms
19ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54321.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 00:49:34 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 00:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 339 KB
46 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/index.html

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d2d3767b60919c66482dbebd00cc6886cd37f732a9b808d5bae7d1a5a43f4d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 47745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 45291
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:36:20 GMT
expires: Thu, 07 Mar 2024 18:36:20 GMT
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 899A 0
0 77ms
77ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDi4IJJAJZIPSE8Ok1gb29Kv4Daj5iIVrzf3y3NYQ2_mnzt8hEAEg2JiDBmCVgoCAoAegAa6ezLsCyAEJqQKvD67n1rGxPqgDAcgDSKoEzgFP0FiT1fA0OALKS8Myr-ooNCMYfHNvSEFSMTnmYPb1kUQ9kO3urWpbOdMZeyh33HFcrxr5jdvNBmaELP5wvjUqYXmluaoZyAi_zrDOBAzdF1kkMn99vWLZv_QDfu-ItP_H7CqEHxemZFYGZetUxyiWYQT7D_QD590V66lyPaKMh1vKSzQZqRH4RvL3AfVNdfLKP9xTMonThntqZauBNI6_-2ApRGjByMOKqm1Y3GXwsGlXJlRDcTE4m6xfEcoNNUiJ32TBowGzG9J7QH8iycAElJ7jxMcDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6yG1YMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5aYr0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw6IFAHQFQGAFwGyFxwKGggAEhRwdWItNjI1MzY4OTE4NjAxNzg5ORgA&sigh=Sy5OtBaPgYc&uach_m=[UACH]&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&template_id=419

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 899A 22 KB
9 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9B23 16 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 10 Mar 2023 05:05:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9B23 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 10 Mar 2023 04:22:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6E61 2 KB
608 B 42ms
41ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 07:14:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E61 2 KB
765 B 22ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 6E61 22 KB
9 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E61 3 KB
1 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E61 20 KB
8 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E61 158 KB
49 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 6E61 34 KB
14 KB 22ms
19ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 478D 8 KB
968 B 45ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 07:18:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 478D 2 KB
765 B 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 478D 22 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 478D 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 478D 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 478D 158 KB
49 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:05 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 478D 34 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7950597814380686241/ Frame 9DCB 63 KB
63 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7950597814380686241/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0d11e87baa28251fae33832e667ced7a258af7ed0d6af90626a080b9bf5b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:59:44 GMT
x-content-type-options: nosniff
age: 114741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64248
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:17:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Mar 2024 23:59:44 GMT

GET
DATA 200
OK truncated
/ Frame 9DCB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9DCB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9827ac418252cf2bce3d4c2cee25ec175b53deb2de8614e235e0c0aa082f976a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEAohAAAAAAAAJEAwBBIaQ0l6ZHVkMnV6djBDRmFvcUJnQWRXTmtCOVEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 42ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEA0hAAAAAAAAAAAwBAoOEB4qCDEyMDB4MjgwMAQKDhAZKggxMjAweDI4MDAEEhpDSXpkdWQydXp2MENGYW9xQmdBZFdOa0I5USIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEA4hAAAAAAAAAAAwBBIaQ0l6ZHVkMnV6djBDRmFvcUJnQWRXTmtCOVEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEAQhAACAZmZMmUAwBBIaQ0l6ZHVkMnV6djBDRmFvcUJnQWRXTmtCOVEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEA8hAAAAAAAAAAAwBBIaQ0l6ZHVkMnV6djBDRmFvcUJnQWRXTmtCOVEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DCB 0
0 60ms
60ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7K0GJJAJZIy7FKrVmLAP2LKHqA_E_dG3Z96Wvu2QDvKx16moKRABINiYgwZglYKAgKAHoAGnx-LbA8gBCakCrw-u59axsT6oAwHIA8sEqgTKAU_QpPVG_s0HzBFAbd65FMYd5_CpvtLM5BZSpAkxcyk2X4LGP24Jq_LyZOCa_wX_c-epxbI7omM2y7yGudU4bJU5mSM0yb96jiYqVEgxdfmQK02OxcRe2eoGELye_ld6SsdnYlUwE1ueqD4exSWKLIUzb2hIjuvFeqg4TOnY9FVhJnpsYkXRv-1CPMlcC0ucbUzclaC0-nDi3Wg_VNi9mLWgdw6T3FGKCP4tNjo4N4aU4KacQEk1ZQFsK_d5tEMER8z1KCVfUixsdFLABJaf2-DPA5IFBAgEGAGSBQQIBRgEoAYugAfBuJ0kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmIUh0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwuIFAPQFQGAFwGyFxwKGggAEhRwdWItNjI1MzY4OTE4NjAxNzg5ORgA&sigh=15oAalOZ5pI&uach_m=[UACH]&cid=CAQSGwDUE5ymu6x6fUM5PEyVoGfwp4WmXxOy33CbXxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&adk=1993245050&adf=3798025913&pi=t.aa~a.2579648965~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&to=qs&pwprc=3495258229&format=1200x280&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324037&bpp=2&bdt=661&idt=248&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Baz75EuCoV&p=https%3A//54321.video&dtd=253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7247 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:11:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 899A 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 899A 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
DATA 200
OK truncated
/ Frame 9DCB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82290b8fa2a26efdffdf9fd626279d4de3bcfc4073d5603b360fdf6a43c6c726

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9DCB 28 KB
28 KB 330ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 55917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 16:20:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 899A 158 KB
49 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
DATA 200
OK truncated
/ Frame 899A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a2b9a5c4e0dce09c384019ef3044d53cbdbee83dd0bc5734f286060fe5a6680

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6E61 21 KB
21 KB 271ms
44ms Image
image/jpeg 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRMS3wyrNuTWeooE_-2oSIt0-od2mYH5c2MjjVzdeXUfRuqHJzjQMdUel8WSg&usqp=CAI

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a62096219000b89e95ac25214646e135f3a1e5d6e9874f5a885943f97a3706a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:56:43 GMT
x-content-type-options: nosniff
age: 64523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21172
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:44:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 13:56:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6E61 48 KB
49 KB 235ms
8ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT-QUNCrEr9G0d-YLBi53D0nBKxMoEmAdsq8tDu9-mdWLgqYYc3DvY1WfDjzyk&usqp=CAI

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63b5d7f02c7aaa1f7fc1f67f18200c67b314559bb6ee5ec04f0a5c238db461a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:23:54 GMT
x-content-type-options: nosniff
age: 563292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49613
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 01:45:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Mar 2024 19:23:54 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6E61 22 KB
22 KB 250ms
24ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTWX0W73EUTyra2kNpFTsTiMVDcoE3HneLoMGi948yLynEnySF2wJ-pEFjR_g&usqp=CAI

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc49bb7abb5c46233158c82b475100d3d3fc172b3201d8f1b6b25bdb216e7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:17:40 GMT
x-content-type-options: nosniff
age: 588866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22452
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 03:43:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Mar 2024 12:17:40 GMT

GET
H3

200

6860921938230782715
tpc.googlesyndication.com/simgad/ Frame 6E61
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg-tStAxCoAhioAjIItbNy4rp_Ya4
https://tpc.googlesyndication.com/simgad/6860921938230782715

17 KB
17 KB

12ms
10ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6860921938230782715

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bcfadff5b1a7e2692e1ec0e670e2294b0373d1a2be0139b28dac7624242904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:32:28 GMT
x-content-type-options: nosniff
age: 55178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16978
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 23:50:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 16:32:28 GMT

Redirect headers

date: Wed, 08 Mar 2023 20:45:20 GMT
x-content-type-options: nosniff
server: cafe
age: 40006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6860921938230782715
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Apr 2023 20:45:20 GMT

GET
DATA 200
OK truncated
/ Frame 6E61 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8f16dc0b529e4810c871f012e1dcc5158dca5cbb772ab14e76ae303664d95b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7950597814380686241/ Frame 478D 10 KB
10 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7950597814380686241/14763004658117789537?w=195&h=102

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de05f8b3ad3a0a1afc10408e50f374abf3a2310a3f5561721bcb226dbddc775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 12:20:25 GMT
x-content-type-options: nosniff
age: 415901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10651
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:17:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Mar 2024 12:20:25 GMT

GET
DATA 200
OK truncated
/ Frame 478D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 478D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9827ac418252cf2bce3d4c2cee25ec175b53deb2de8614e235e0c0aa082f976a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 478D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71bc1c8fb5eb3b2157a4ea1c45afcc49ca0e6744c3369199cd739815fa08322e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0324 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B23 36 KB
14 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7247
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
44ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
expires: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 77D2 36 KB
14 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

GET
H3 200 Layer_523.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 5 KB
5 KB 27ms
25ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/Layer_523.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

502560e9b64a5d465ccffd8833b47259049392fb0a7df2a0e588f474793c0dd1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 08 Mar 2023 18:35:53 GMT
x-content-type-options: nosniff
age: 47773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5558
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 18:35:53 GMT

GET
H3 200 logos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 4 KB
4 KB 26ms
24ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/logos.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6af2a93abd14b74f3a742ea42c91288ecfdc1f3c9ccf7e1872d1337322f9980

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 08 Mar 2023 06:14:46 GMT
x-content-type-options: nosniff
age: 92240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4453
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 06:14:46 GMT

GET
H3 200 Endframe.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 18 KB
18 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/Endframe.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d32582724e1fa70bbe619b8c5d5bee8f458ae2eabfbe7a6fa7a5802c9ffff1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 07:34:20 GMT
x-content-type-options: nosniff
age: 519466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18102
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 07:34:20 GMT

GET
H3 200 double_car_-_Copy.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 31 KB
31 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/double_car_-_Copy.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336aba809280464cdbcc696a60e143fda2f846c716925e25a30b0c305f7b2d2c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 07:34:20 GMT
x-content-type-options: nosniff
age: 519466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31970
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 07:34:20 GMT

GET
H3 200 Chill_girl.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 7 KB
7 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/Chill_girl.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec74f646b7d8c519793b575312b2ac22119c656929471da7715bf50e45ab2239

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 07:34:20 GMT
x-content-type-options: nosniff
age: 519466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6991
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 07:34:20 GMT

GET
H3 200 landscape.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 20 KB
20 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/landscape.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d33b33c9c9ab8d6ac322d4c80d6f3aa611dca13128d700f63f3d1490fedaf351

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 07:34:20 GMT
x-content-type-options: nosniff
age: 519466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20196
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 07:34:20 GMT

GET
H3 200 VW.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/ Frame 9B23 14 KB
14 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8018297076012763398/VW.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7085caa439caf302dcb6a2074daed3b128ccfa0c2052ef706457ad7fd5a2379c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 08 Mar 2023 06:39:28 GMT
x-content-type-options: nosniff
age: 90758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14198
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 07:53:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 06:39:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E61 0
18 B 60ms
60ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYy6KJJAJZITSE8Ok1gb29Kv4DbLp_e5usdid2JERmNinr5c0EAEg2JiDBmCVgoCAoAegAZm_k5kCyAEJqQKvD67n1rGxPqgDAcgDywSqBM0BT9CzHnzr-E6J6uw1wViPDHc62OOCkJZxfWImJEAa88AGYfU6hMf6C2onbN4l2Jy2D1nXbfIaqmo8X2cqPiMmwPSePt95EA2sj50Zglh6suRU0Sh7VfJ6beYuyxHPLtWOuiQtK8vUp-SHU3aEexEHHLQ2lh7AIFTJ28o7etIMjiNr_blYpQ2T1MXr7Eq7M2Ej5j1Z9p4A9GWm1JZy54T-6JDoettU-xljKBpfAwslOKUMwViwSWv5JCFc89q8hEBsTjSu01QQXIt9zbpqv8AEucXKuuYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8_A7OYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJuiE9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTYyNTM2ODkxODYwMTc4OTkYAA&sigh=p25jwixfsi4&uach_m=[UACH]&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&template_id=494&vis=1

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 478D 0
18 B 60ms
60ms Image
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP5quJJAJZIXSE8Ok1gb29Kv4DcT90bdn3pa-7ZAO8rHXqagpEAEg2JiDBmCVgoCAoAegAafH4tsDyAEJqQKvD67n1rGxPqgDAcgDywSqBMkBT9Dh_-RIZS4npJ7Pm_Z6gAiyjDI4jH-0CML_xQWck2fwynqrJzvqgRTxPfkCMGH5UK1D0QLog7OEBocrgsV1zThrT1dmzs1F88F0MO6Qh3PE6-3yLlcYJmZpOQ-Xxz8L8N7NGz56kvXOe4mlA5TwBb3mPhwxNbu64N3EcdwkytPVKa3jr2B86IDm4oGAoLQGA1wMoUSKqzAiUT2Zu0HJ08Hn-HgIhci9_bvQpN9E91NIBQWf4RxV_hCBoZCBNArr7HBWYpZmGHKewASWn9vgzwOSBQQIBBgBkgUECAUYBKAGLoAHwbidJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPXPEdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQD0BUBgBcBshccChoIABIUcHViLTYyNTM2ODkxODYwMTc4OTkYAA&sigh=I1Nq3rhOZdw&uach_m=[UACH]&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&template_id=5000&vis=1

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame AA7A 8 KB
895 B 50ms
47ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&slotname=5234299869&adk=284956235&adf=3005832069&pi=t.ma~as.5234299869&w=850&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&format=850x280&url=https%3A%2F%2F54321.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324689&bpp=8&bdt=1312&idt=8&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0oZ0YRm1We&p=https%3A//54321.video&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 07:09:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame AA7A 2 KB
773 B 14ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame AA7A 22 KB
9 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame AA7A 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame AA7A 20 KB
8 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA7A 158 KB
49 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame AA7A 34 KB
14 KB 33ms
31ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AA7A 0
0 67ms
65ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbsozJJAJZLLeLeu2mLAPouuskAavluKgbPv8xZCID4OChsvCARABINiYgwZglYKAgKAHoAHNwPD3AsgBCakCrw-u59axsT6oAwHIA8sEqgTUAU_Qi9d-x0nWn1H59TgeHl5Os0yu9qR655RUOps7tsK46nxOgzAtvaMnVWa3pAO-qMDan11fVcSfKW81sRyuvPROqnoArSlJtRNRWAsiOGkF1i4gqlSZoswzKHzJDmfmWSADhwVkeCDFkrwODrkklBM1nslPxVWr7cWnOKFfXnm1SvPuYcrXKpm8w2-WZ_PiMhPHx5KsMNEdZUUmkTrmSGzBWzSawED8IA8xiCFeNZi2FVCyhqtbZoBsP23ubG_0HjP03q9rWFmbXRY4C2cfeHBLEmNMwASt9avfvwOSBQQIBBgBkgUECAUYBKAGLoAHm7-PiAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCc1lbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItNjI1MzY4OTE4NjAxNzg5ORgA&sigh=GWyfrTM19hM&uach_m=[UACH]&cid=CAQSSgDUE5ymu8PBW3Wy4Pw-CY0F2Vr6agk1bzmlonysnSJs7lBbQoAYYzMNpSi50GSn7m2tEqH-ZXZzynA9ugb5OcT3Ww9BAv0Hh1BTGAE&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=280&slotname=5234299869&adk=284956235&adf=3005832069&pi=t.ma~as.5234299869&w=850&fwrn=4&fwrnh=100&lmt=1678348324&rafmt=1&format=850x280&url=https%3A%2F%2F54321.video%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348324689&bpp=8&bdt=1312&idt=8&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280&nras=2&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=587293113&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0oZ0YRm1We&p=https%3A//54321.video&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A74 624 B
242 B 59ms
56ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjW9anbATAB&v=APEucNV2-XK2bua8ua4BH_94rNyZu4umB4Yvex1pG9mtLZ6igGlwyGSVZuE6yMDG_uun5cSgDUuUtKMl_auLprOGrkVtaV4htAwlETR7me84FMBZLsfxkwHMGnzD7XeLFEpeL27gdVKp_kw4b5bcWQLs4CP1RNByLePxKo8b2BINRAXzd4u3YkA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E452 78 KB
27 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame E452
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Image
image/gif

52.58.97.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Protocol: HTTP/1.1
Server: 52.58.97.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-97-175.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 07:52:06 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Thu, 09 Mar 2023 07:52:06 GMT
Last-Modified: Thu, 09 Mar 2023 07:52:06 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame E452 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame E452 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E452 0
0 19ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV9dqaX2h21q9fT8qBmrZCB53Ja9oXyQ2OR-E2lwjK_5H-lcLv2zMz8RZt2G6MpHP0W1CAmtsAa9643-2JGRIGZmaF1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E452 158 KB
49 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E452 42 B
63 B 44ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUJJdeRG0dcPNmF0JgT1mNNX2Qwr_5TRLspDwuTUXyMfOEUx6GnYncrysrzTgyFy--d3xGYnAzVZoYvCOnwH4Bi-yKB3ESjbts8Ij0EyYPwuBLYjQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E452 0
20 B 43ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5305474058353624176&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 46ms
43ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data=n2cxKeSJlzSSN2LhqzJoH6RiSoh6Ou0dGGgPLBD1ycUcvwxlgTa0w4cC2hvuWEsrsHWWZ0FNUMvECRdnaXD0EA
mts0.google.com/vt/ Frame AA7A 42 KB
43 KB 110ms
62ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=n2cxKeSJlzSSN2LhqzJoH6RiSoh6Ou0dGGgPLBD1ycUcvwxlgTa0w4cC2hvuWEsrsHWWZ0FNUMvECRdnaXD0EA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

718f42a56450fa0d26cbd98d56cfd970534815880cc51b630fd89d4336f13daa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43304
x-xss-protection: 0
x-server-version-bin: CggIBBDIjqGgBg==
server: scaffolding on HTTPServer2
etag: 09083596fa2d02f33
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 09 Mar 2023 08:52:06 GMT

GET
DATA 200
OK truncated
/ Frame AA7A 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AA7A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AA7A 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AA7A 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A74 36 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCB 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEDIhAAAAAAAAGkAwBAoNEDMhAAAAAAAAGkAwBAoNEDQhAAAAAAAAGkAwBAoNEDUhAAAAAAAAGkAwBAoNEDYhAAAAAAAAGkAwBAoNEDchAAAAAAAAGkAwBAoNEDghAAAAAAAAIEAwBAoNEDkhAACAZmZqlEAwBAoNEDohAAAAAACMlEAwBAoNEDshAACAZmaUmkAwBAoNEDwhAACAZmaUmkAwBAoNED0hAAAAzcyYmkAwBAoNED4hAACAZmZIoEAwBAoNED8hAACAZmZIoEAwBAoNEEAhAABAMzNdoEAwBBIaQ0l6ZHVkMnV6djBDRmFvcUJnQWRXTmtCOVEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e45c0de176f05d0248951c6e560bc486.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8A74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

43 B
766 B

15ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjW9anbATAB&v=APEucNV2-XK2bua8ua4BH_94rNyZu4umB4Yvex1pG9mtLZ6igGlwyGSVZuE6yMDG_uun5cSgDUuUtKMl_auLprOGrkVtaV4htAwlETR7me84FMBZLsfxkwHMGnzD7XeLFEpeL27gdVKp_kw4b5bcWQLs4CP1RNByLePxKo8b2BINRAXzd4u3YkA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8A74
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmQJv-SY6AQDT5R-81H5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

43 B
766 B

14ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjW9anbATAB&v=APEucNV2-XK2bua8ua4BH_94rNyZu4umB4Yvex1pG9mtLZ6igGlwyGSVZuE6yMDG_uun5cSgDUuUtKMl_auLprOGrkVtaV4htAwlETR7me84FMBZLsfxkwHMGnzD7XeLFEpeL27gdVKp_kw4b5bcWQLs4CP1RNByLePxKo8b2BINRAXzd4u3YkA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8A74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

43 B
1 KB

37ms
16ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjW9anbATAB&v=APEucNV2-XK2bua8ua4BH_94rNyZu4umB4Yvex1pG9mtLZ6igGlwyGSVZuE6yMDG_uun5cSgDUuUtKMl_auLprOGrkVtaV4htAwlETR7me84FMBZLsfxkwHMGnzD7XeLFEpeL27gdVKp_kw4b5bcWQLs4CP1RNByLePxKo8b2BINRAXzd4u3YkA

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:06 GMT
AN-X-Request-Uuid: 3e8ffbaf-a652-48d9-9665-cf1b3b764761
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.196; 80.255.10.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A74
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

170 B
243 B

54ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 07:52:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.196; 80.255.10.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8b5d6b38-9c01-4024-bc0e-b71012bcf447
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E452 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8558496416470&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E452 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8558496416470&version=m202301230201&ct=119&x=1&cor=5305474058353624000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E452 82 KB
35 KB 78ms
77ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByhqwgOvdMJ1N-jh-_xdP0u0E7W8Rl0LjgbMQHUvBb6wwPA-gf1JL3aAUna1ZDkLTroWCk4pgKvHUTRCTJGlT2_sV5armLhGltSAWsoOMzWL47Knkm2ula4medaeTBfYkOGtKzdT5EyU6VfuyZ6zCu4OowYOuPLs1OcvtEmUElE2Oxybs&cry=1&dbm_d=AKAmf-BUL3F17br2cmCMKdOzWLz9nI9Ai_C3RxkThe2YXdFlKuQo0W0vvHBYNDT6fH_LHQe04onOGis04SVBZAJ2G7Dz4BTbHkC4OfHYQjlRaOoXhwPk5WzsNfYajgGCcm1PIpydDPzo4TZTF0ipLUCs5KsUpu5pZYsce6244GTD9_gCW9EFupjirPc8NEcQESmotgtSmbRTs3UITdeqh84Ru2Ii-0N7tQmzC68G_RgjV6dNLLXXPB8rRCiXS4lq1ZwmkXI-vUWz--XEJ4HbR2tCdY4SDzPik0A28JyY4TFzXR2Al7zYf4mylsQsCH40XqhTdT5W7UpFfAM6YNN3q9v3czrOd2xQqzc0BcWHLgMpv1oZz-k6bMFDrqk_yVYXCkzSxcREuOeNSPHCAXwOevAKDHYxkTFBUZL79HTzBDEx4Q8KUY_r6yeol4Uf4kSo5FK272lnTelK00FE5eWJaLIqLHIxjOMbh5nG90SXTKs9GG5MZneosLX_d994S0E4fhpOc_7v2aj00FZ2riLmDB4QzKJKCXEadEKO34XOkztRZpFVktOhLichXuLzzIR2e0qQ4HoGSEv4e_jlnhwDGW5ZTD0Ss2W8RobKCrTjU2Un4XCXumlgsGVHZFTC9jR-F6yXWDzESpn2Y7zjEDtmDnLBjmI3zfidscZe0EtBHkniVnYqY3vDRqXEpAe0MJ2IArqy6S11gGSr6IsHya4Ja13m4UdDUi5UsXgNgfRpWAirOuXbJnf1wthy7u7zpaTzwbF_yYe0kdsACp5ZaFMcMN18UXEhjk8b0_wPg9Wx3rhvrL3vrdIotdYtuq0JnPguNfKBvW6qPByGR4CVh3GfCtoqBxX0Pfv7ljQ6osHdj9EWnh3ebxxdhzuW4TKFvuV46g9Jb4cpw3umYitdUI_kadCmfD5cUkZW5oY4Zsx6QDQYy6pRvY3o9kwWMOOhlpdNNxUmGTazFtEFk4dgsAUCKvuSIA-z3TnBzI_MqMY1bQ7HZV5lqVrtz5RlWOvHlshZ2ULrD131gLQcANTtY-ScCqTeMRN7DdK5abcC3EdnAKFeF2K8Nnb8-R0EimqGiBnkNJcCcNRHasqhEKV4VBEh9xiCzXrgiejaPJEuDUyVbn6FcgMIU28KIpGa9h8N3GA44kH4itymX_i8kxfLA3WF4skyrqkmK6bcgCd93ZfARWwWAraMFYG9wkDk8wQ1owOF-Lmp66Q-NrKl99BmD57GYbd6IJOW_hrnTzUFW3oTSEO0_UlTpRJma2vHkkziEUAoEpByE3YkFaEKUdkU7fysOiGek4pixzkax4FOY_g6asDmYq_fQ14sFlFs0VkuGxBQkUeenyzoJaE0qNXYNJBkM-7gCIE9N9wyRAHnSt5_43KLB7YSIxqoZTtvcHbCXYaKUXPn-iI_mnWE4o9iMlax233SuPRIzYLdA48J2mzLhxJOR7vIlBkUvbvv8LSKNq1yewflPKqBmg78YVGHsykcYHhdjtYsyfO8PlIq5MI9lVNM-4ucdaZDs-tqKhbG9x-WmRHy9Boiy2yxU5QCZ_Pu_Qn_SV3p_0B_BThnfzn1gHbPXAUIVmg_43rVgpqTORr_7NoyV61XYqefuZSOydPOrYHa7mkFtWjujY784Exmv_peekA6q6vLLqsuwVGWULcUnHZsKc5G-T8I1cctNbS2z62QSjHMw-EzBNTm71GgRIFqbN-WN8IE4Gb2MBQ0RowathY_fzlUfiCFZRmaHjGB0d4nbHS_5wdnd3c1VyfGKOBwqiqqIh6DgWKfbVIRwFY9RvdAZAY1cvXOxsH0lZtV9o_Mg8FRw3XUbGGiJrrLYRrTNdlelYG8kHFXisGtJAmjODT9e2ot9ykSJ8zL3fBpWlPo9rQbJPo-pF7NhBYoITGDRrko11OL2lJzkDaMWBQ0VcLHF2kVDKn0igUY8-13rEzvRnaq9x9Jd4M7qwOgP1Y0w2aTnT7abrFKy7OVdZlryD_alzYdUDM4nt27U5eaW6eIYqCTyTtt-Vo-_0SzgT4ghhTDPM6eL6tPXHUaMTseO3ztppeZ1lUfJKwzs1CyEdjF1gRPuLL4lAYKPCTkgSmCb6VEbZ8cVIGZNyC3AVYaEXK9JP-aPSjtoAsQWQmtmipO33P68KTj6jwj-n5SDmPagJZo40IBqfTreOqxWCxfA1LQCpLecWlWb_SVvbJMyf24OfEFc5GPGKJSdVuKhOzUhZuCGRTakAEm83hoVhV4BWj3S3uuzUKC4ObDQwBw6o3IrqAivS_FW5miag4XOUu1kWhNlsOQ-gdJMPNLprxCPhkaFp3eXKSEAU_YKy1KU6l0zGQMhTq6ehqlpbJXtY-qKT_UqJRHAxaqGMMF5B05sdRILa16Kilj3M_XR9tRNm6HY5R3bfJ48_Vd3WL5_uJOnpRMMNSfhsNt2AgUthHSSxML1FasnEkJLVjd_ejZrhZ7UdiQJSX08SUV293p-FFBN06TszSB3VSCxstcHgfItWUugJgAeeSaDKs8MvbTLZ9grWVNSDdeIbL_FS5bBvDc8MInu5CS0vANIfFiEeo9pFVngtO68eXyuXDD6hvw7Q04MDJp4-7UuWpah7Th7m1XxBHxXlqSEPhvh9Samyy4K9Eb6d7ldbyJFE3GEFmVhuTJ81HA1wJmRDlzTFHudoex__aZqx-1VJmqB9KUVQtyqMy-rkrEMUV4EG-xUqCS7vhQ957LO7ZvTS8t7ppgu21Ba_UUsjrqgGdIiXxnMc4C2tKuTnXmg6RcSOmQ5VY0w3DwvrBoNqZFghHUH1S1srekXlD1zwsvPhlkn5ERztCGyWqb2agHLyivhsXY4CnkgwWQgNcj-p4vwJ247mBvivJ_iXSd5yEyqekuOPMovfFMV2iKs2hkYL75TONATjnrC74oVS-qTLYQGMC0R6GLs7hkIZ3yrtBAErAnFgH20GK9-bCsUBJVD4wjLUzA3BDpFC1igxf6X7bLBJKLF6LQ98NXdnc19WXQEiCLCBkrUEA1K_5xYMoqD4LxQuiYCiWeIZ8iDE-RpbzVvM9iDem0evsEkwrmMrG1XzpHjZASaUSwNGEC2fbp7TTWLvkzbhtR4PG8kUMXEAYWAZgOKQp-5kivgneXir-lc-gdpjlqZ6nPt0BGqDEg1Q9LohflgvuVyZocu370aQdSXaXOqnbRZbseEj5U2dPnUUQebkxCtkrjZMvdV_4G-hZvt1Tbg7m7jtXl4Ml4PueEkfAivmMofwWMVr98SeI8AWM_Gl6Ra2PbQmXliOks7SgZfkOUgt7b7xvs6XwfmkepnJirAP4kwpgxjtjlyluM9HWWKyoBRhfwkQ0Wg0wUT-Ti3VHOt5Pfr1h5RP-2smHl-Ki1GPl9oUaiTvcv0Mw8PSk&cid=CAQSOgDUE5ymS1hg4rBSpqpeVl_A-XxIDeuAcB-rw2DT6FZqzFkE80GFNGMncQN2855CLQPzPl2TPOBuXOYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F54321.video%2F&ds=l&xdt=1&iif=1&cor=5305474058353624000&adk=1726166460&idt=108&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

795d42f8d0e9ba43b36bcf516b4837c90f2e0d0faab744130b46d981018d3aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE34 42 B
63 B 64ms
48ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CV1KYLQfbVQhGQvz7dLqalI8xSxb_qkCIdGHIxQWv9If-O6waY0GLmc8T4Ye6ed5znvCbV5mPJhqOOTvyZhQl62bF62xIFP3FSEVseUxSYANKlgP8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE34 0
20 B 67ms
51ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13439322969520042991&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FE34 78 KB
27 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame FE34 3 KB
1 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 07:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame FE34 20 KB
8 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FE34 0
0 26ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4b8Syr20hNQEyA7W9q7G7EiithM_F3G0LclYw-wtaniesk5y_LKHibRep3tH2L6Rem1qtX6FR__I099En2yzpEvmtCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE34 158 KB
49 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 07:52:06 GMT

GET
DATA 200
OK truncated
/ Frame AA7A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec0c39eb4d1cfd38caf74235c9f7ac9dfa74aca42a2b810933d59319ffc4e91d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F18 624 B
242 B 211ms
54ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNUyvFNiWCO8P4L7lh-Itc9rdxlACQH3HD6deRffior-8BU_-hH-In0bne1SHJl853rmUV5ekLGP2Gbl3_XzJUSXU_TF5Ra9jSilu4aJcYU-JSLCX2i0Em0DPcaadRWSbwCHgMREvWsOYOWmD47v3axLaHczqeZpkQhU8clRPwozVh9DVSM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 07:52:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AA7A 28 KB
28 KB 26ms
24ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 55917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 16:20:09 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E452 106 KB
37 KB 186ms
20ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 17:06:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame E452 8 KB
3 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByhqwgOvdMJ1N-jh-_xdP0u0E7W8Rl0LjgbMQHUvBb6wwPA-gf1JL3aAUna1ZDkLTroWCk4pgKvHUTRCTJGlT2_sV5armLhGltSAWsoOMzWL47Knkm2ula4medaeTBfYkOGtKzdT5EyU6VfuyZ6zCu4OowYOuPLs1OcvtEmUElE2Oxybs&cry=1&dbm_d=AKAmf-BUL3F17br2cmCMKdOzWLz9nI9Ai_C3RxkThe2YXdFlKuQo0W0vvHBYNDT6fH_LHQe04onOGis04SVBZAJ2G7Dz4BTbHkC4OfHYQjlRaOoXhwPk5WzsNfYajgGCcm1PIpydDPzo4TZTF0ipLUCs5KsUpu5pZYsce6244GTD9_gCW9EFupjirPc8NEcQESmotgtSmbRTs3UITdeqh84Ru2Ii-0N7tQmzC68G_RgjV6dNLLXXPB8rRCiXS4lq1ZwmkXI-vUWz--XEJ4HbR2tCdY4SDzPik0A28JyY4TFzXR2Al7zYf4mylsQsCH40XqhTdT5W7UpFfAM6YNN3q9v3czrOd2xQqzc0BcWHLgMpv1oZz-k6bMFDrqk_yVYXCkzSxcREuOeNSPHCAXwOevAKDHYxkTFBUZL79HTzBDEx4Q8KUY_r6yeol4Uf4kSo5FK272lnTelK00FE5eWJaLIqLHIxjOMbh5nG90SXTKs9GG5MZneosLX_d994S0E4fhpOc_7v2aj00FZ2riLmDB4QzKJKCXEadEKO34XOkztRZpFVktOhLichXuLzzIR2e0qQ4HoGSEv4e_jlnhwDGW5ZTD0Ss2W8RobKCrTjU2Un4XCXumlgsGVHZFTC9jR-F6yXWDzESpn2Y7zjEDtmDnLBjmI3zfidscZe0EtBHkniVnYqY3vDRqXEpAe0MJ2IArqy6S11gGSr6IsHya4Ja13m4UdDUi5UsXgNgfRpWAirOuXbJnf1wthy7u7zpaTzwbF_yYe0kdsACp5ZaFMcMN18UXEhjk8b0_wPg9Wx3rhvrL3vrdIotdYtuq0JnPguNfKBvW6qPByGR4CVh3GfCtoqBxX0Pfv7ljQ6osHdj9EWnh3ebxxdhzuW4TKFvuV46g9Jb4cpw3umYitdUI_kadCmfD5cUkZW5oY4Zsx6QDQYy6pRvY3o9kwWMOOhlpdNNxUmGTazFtEFk4dgsAUCKvuSIA-z3TnBzI_MqMY1bQ7HZV5lqVrtz5RlWOvHlshZ2ULrD131gLQcANTtY-ScCqTeMRN7DdK5abcC3EdnAKFeF2K8Nnb8-R0EimqGiBnkNJcCcNRHasqhEKV4VBEh9xiCzXrgiejaPJEuDUyVbn6FcgMIU28KIpGa9h8N3GA44kH4itymX_i8kxfLA3WF4skyrqkmK6bcgCd93ZfARWwWAraMFYG9wkDk8wQ1owOF-Lmp66Q-NrKl99BmD57GYbd6IJOW_hrnTzUFW3oTSEO0_UlTpRJma2vHkkziEUAoEpByE3YkFaEKUdkU7fysOiGek4pixzkax4FOY_g6asDmYq_fQ14sFlFs0VkuGxBQkUeenyzoJaE0qNXYNJBkM-7gCIE9N9wyRAHnSt5_43KLB7YSIxqoZTtvcHbCXYaKUXPn-iI_mnWE4o9iMlax233SuPRIzYLdA48J2mzLhxJOR7vIlBkUvbvv8LSKNq1yewflPKqBmg78YVGHsykcYHhdjtYsyfO8PlIq5MI9lVNM-4ucdaZDs-tqKhbG9x-WmRHy9Boiy2yxU5QCZ_Pu_Qn_SV3p_0B_BThnfzn1gHbPXAUIVmg_43rVgpqTORr_7NoyV61XYqefuZSOydPOrYHa7mkFtWjujY784Exmv_peekA6q6vLLqsuwVGWULcUnHZsKc5G-T8I1cctNbS2z62QSjHMw-EzBNTm71GgRIFqbN-WN8IE4Gb2MBQ0RowathY_fzlUfiCFZRmaHjGB0d4nbHS_5wdnd3c1VyfGKOBwqiqqIh6DgWKfbVIRwFY9RvdAZAY1cvXOxsH0lZtV9o_Mg8FRw3XUbGGiJrrLYRrTNdlelYG8kHFXisGtJAmjODT9e2ot9ykSJ8zL3fBpWlPo9rQbJPo-pF7NhBYoITGDRrko11OL2lJzkDaMWBQ0VcLHF2kVDKn0igUY8-13rEzvRnaq9x9Jd4M7qwOgP1Y0w2aTnT7abrFKy7OVdZlryD_alzYdUDM4nt27U5eaW6eIYqCTyTtt-Vo-_0SzgT4ghhTDPM6eL6tPXHUaMTseO3ztppeZ1lUfJKwzs1CyEdjF1gRPuLL4lAYKPCTkgSmCb6VEbZ8cVIGZNyC3AVYaEXK9JP-aPSjtoAsQWQmtmipO33P68KTj6jwj-n5SDmPagJZo40IBqfTreOqxWCxfA1LQCpLecWlWb_SVvbJMyf24OfEFc5GPGKJSdVuKhOzUhZuCGRTakAEm83hoVhV4BWj3S3uuzUKC4ObDQwBw6o3IrqAivS_FW5miag4XOUu1kWhNlsOQ-gdJMPNLprxCPhkaFp3eXKSEAU_YKy1KU6l0zGQMhTq6ehqlpbJXtY-qKT_UqJRHAxaqGMMF5B05sdRILa16Kilj3M_XR9tRNm6HY5R3bfJ48_Vd3WL5_uJOnpRMMNSfhsNt2AgUthHSSxML1FasnEkJLVjd_ejZrhZ7UdiQJSX08SUV293p-FFBN06TszSB3VSCxstcHgfItWUugJgAeeSaDKs8MvbTLZ9grWVNSDdeIbL_FS5bBvDc8MInu5CS0vANIfFiEeo9pFVngtO68eXyuXDD6hvw7Q04MDJp4-7UuWpah7Th7m1XxBHxXlqSEPhvh9Samyy4K9Eb6d7ldbyJFE3GEFmVhuTJ81HA1wJmRDlzTFHudoex__aZqx-1VJmqB9KUVQtyqMy-rkrEMUV4EG-xUqCS7vhQ957LO7ZvTS8t7ppgu21Ba_UUsjrqgGdIiXxnMc4C2tKuTnXmg6RcSOmQ5VY0w3DwvrBoNqZFghHUH1S1srekXlD1zwsvPhlkn5ERztCGyWqb2agHLyivhsXY4CnkgwWQgNcj-p4vwJ247mBvivJ_iXSd5yEyqekuOPMovfFMV2iKs2hkYL75TONATjnrC74oVS-qTLYQGMC0R6GLs7hkIZ3yrtBAErAnFgH20GK9-bCsUBJVD4wjLUzA3BDpFC1igxf6X7bLBJKLF6LQ98NXdnc19WXQEiCLCBkrUEA1K_5xYMoqD4LxQuiYCiWeIZ8iDE-RpbzVvM9iDem0evsEkwrmMrG1XzpHjZASaUSwNGEC2fbp7TTWLvkzbhtR4PG8kUMXEAYWAZgOKQp-5kivgneXir-lc-gdpjlqZ6nPt0BGqDEg1Q9LohflgvuVyZocu370aQdSXaXOqnbRZbseEj5U2dPnUUQebkxCtkrjZMvdV_4G-hZvt1Tbg7m7jtXl4Ml4PueEkfAivmMofwWMVr98SeI8AWM_Gl6Ra2PbQmXliOks7SgZfkOUgt7b7xvs6XwfmkepnJirAP4kwpgxjtjlyluM9HWWKyoBRhfwkQ0Wg0wUT-Ti3VHOt5Pfr1h5RP-2smHl-Ki1GPl9oUaiTvcv0Mw8PSk&cid=CAQSOgDUE5ymS1hg4rBSpqpeVl_A-XxIDeuAcB-rw2DT6FZqzFkE80GFNGMncQN2855CLQPzPl2TPOBuXOYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F54321.video%2F&ds=l&xdt=1&iif=1&cor=5305474058353624000&adk=1726166460&idt=108&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:50:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame E452 28 KB
11 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:52:22 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame C31C 36 KB
14 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE34 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8380315200487&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE34 0
20 B 54ms
52ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8380315200487&version=m202301230201&ct=76&x=1&cor=13439322969520042000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FE34 83 KB
35 KB 86ms
84ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrLYA4Cs2H9XebI-bOR7bouific7pe12zqLf5Rk0KSFck0G3AJ8xE9gvbb5xhGk9wRIjxXKx9kqMaPKxdw_yCuxhr_llvtNIlYbe17x7tsy2zUzYYSI5qcasUR8HwZzKub4Qs3oZ3sffF-XlumerRkMqXW-IYKesstbZBUyuPe-8C0AK4&dbm_d=AKAmf-DhbnkOKWl0vy-2JppeKVOYJ-iYNnFNFdMEuhLXMMvaGmR-DZc-g8FFdLz6n7LPIpmLhQPrakJ_uGOCh2UwEHZmv5lGqIpa87TksbUMEABlgMClgqgBBtACR8ZLUhRpJLV4wyQ8CQmsA-RcP3jFXG2RPOjpud9-z5_Q-SWrBrGHwM1HqQGk6zNIkR_BFT0ejaqcol2_fpsy6yLXgA9_fK_5-e8bv1kQS-IAkdvaTUjBD_QshKtH4-1NQPM3ZW97o5s2_rZuZflfWA5mTzzFqdKtKKUFyF9FGB_v6CazMVPF68ev6i1OffjXHhJHTNHHuwpcNB5QexzVJTN47dMaWcQ6HlmXhsk2drgiJ3khXI1xEY2tYBUscChjFxcKcO1un0wzH0MSAMCupkOn2G08mfWfQc2lh615ghDZJq7SDu4uBnVuYj08nCAYNe16xkwc4HNTxYlYmEzCmNlXksBXzk03L__nj96a8XKyxX3_XZnmaV7oJ8E8VZPTJOcu1uDmc2CzA-c1VR8zueZ9bET8RbiYUFYyGSxv_Mz8L_TpBxGhKsnsAT-B8FVMVaUzCuZXLsJ-LajXo4M-FsdFt2OlpF2hUZNVB0-DdiCeeyBOXZk9bqRWwO9vHsq-zqTJLKrSzP7ZWiUv9vf61RPBf6eqxrfSZf0l0qHhH5PbUMTBuSSBoEKK4WDk39_CHvj3UIWvrWt2AF6LLhxe9eHOTivEBHjGCtGwHqHg0DLB2SpX9cmzjIaGzvNaBD9a-Gw0wvZX7vxCaMvUiowFVxoZIMI3NgjijFutDYeVulw_f6jegZDZr6nJHX2bMj18lEs_lwrxcMrOc9-_JcWzTYFm0LgP5_k_V1vyVwDjB027txtGnWfSX0WSxrlWhSmbcdqfpUetVJFMN9Kt_xgdV23I36MExx8g9fynO55Wr_mnOc2bIOCL23UQTX1RKmIWcr34GNsdbuFap-nLmSVL_1t91ZI3kFQntkLBu1oFLdcx8F6nqWixMjEPnNXRunWBLBAmcDsAgCqhtpjdfuxqRL6WNi7MCMD6YVDcnmMPQt3ZNQJwRhfGDmsUTGPAJnwLk4rowFfaIrUf5Kg3JupR0daVngu50kGc04B2gT4N5jaF2ZECPa22ggmaTAfAfp_plas_5etUA0yrwgDH1rBk6JJ29cHFs3l43LjhdjNKBk6PFyrbNp3iqGuRYrmCMkCu0bWA9spl_nzC1YSMQs8ixHEizRVmjV7t8qj11PuiHjSoQxcOPv97DI8pMXZ9tlJUxJkdBo0GoeB36FjGxHN6g4vCCspdvyvEG_hT5Orxf9dsIH1EPsMfkc2g5OvLnpJpZt10BRKQI0YZ0611iECt1y34h8OlKfzDD6UWjiyr6eEJGvRscM4E26GB3AKjNtQZOdcWFpdgo9fv0Q0bMeyGmc-EbzurR8IvIEsM5dt4wCDWo9bhEgMXuSR_lb0HAokBNMf0KKPLC4-FEu7WNoTyFm3FgQkW83PMlUpA8uxBzOrk7ywrD8N0ZmVDVSg6X5IDsmAIYyUpJ2QoGcc5TuZNavDh3A209KCErVZdRCQh_oBkWKqh3ak0DuSr69nvcCjSzDYTwFDEE_xRfo5MfWjfqbPZ1lyP2ys8J8rCFwtaOkYr9NG0ZDJnshaZYFDpI5_ym1u3XyZArNihpXTUuOa2sIqfmSK1sdozyzCnJqv0S0pouULTPaJaFoFBv_DbsKcEzIzkbbLzcv3ZKgGYskCXJjL6u6Q-oojoRIwmPBnXEJnD9c4E7zSE5U6ecQZki67tVe1yW4hqkIyCyVvh4IN51eP4fGagMQAEcD_BltcEqtCcAWDUSpJ_G3fmtJ1Z6UW_mQ7lqpUqoIqT3lbjjcuP4nppJgwpVKFFmvjbFg02VLOqrfYTt-tPnh3gIuWOU63BGdAb-2rV48HIq1tuiu4Cy1NS2ZC5wASvz5mP5nxFKbsraoM3DmHVbcwTdal9KbUx4Oh61zoacflOPq3yrZsCbESq16EJs6u-gQadLBjXjiq-zWKe9OykOKEq_odaDq3yIjohBC0ifMfDslOzZaAwZqCmMg1DwvQUtYUPEY_J0Jb0yHXS10t3KAdMlpQOJtS99Aw_h0s8PCrkCGPqZ3hQgByYvuMVaX9AvXBhxLoEYwmCKkD-qMStpnfRlVm1eQYqbBsvCyzn5MqLfZcMz4RAKaKxeZ3HQRzbujIi3UT0X3MaudkOqtbwPBP0dMdc3D_aBj9YhZYclCoGWQfyjdmpvsqapYT9Nno3Icp3qVnVAm0iqODoIfoFmtHm9lX-OXEFUdVkpu_blffyh5cdPslnA1osWAZqSgGkqi_XZK24EuNK0S6q1l26zZLqz0fmkzNpxWa3q1wMtS5XFFWHozCe37TxWdVYzCTR20aP3GjGutzexi0SN11rcV6qxzrCfOzA0KjOrF-K1txeIF7X4njJxEVRuUrNZ7NOZhsndnSXsd-xyw13sywY4SWaEcYqUF9OfSaMMOCBy5cCAPg3uy_mjUFsuJQcpyZzCMBVP4tWB1TbDWVSFvUfo0RcfX11tgLBNvzoCpyaLsbzMoW5BQGR3OKkqK22UKRmVS-nhDxOW4Qb3-BONR3HIDT62Y5Q3S8JBGz-A_N1Zx8_wLFKKVgRQaPrgCc_r8816eehOuqC6eYNEUpUmuv_BJdOB8qy4xPV6qfvol6kQ00xORi3QMO3qv5UUpSa5FvGUtCWgUEPI213Ttfu6-o42hRmaki2-1fH0VQEOAZxbr32ykbDcOvH33zW-NWm8h4k687JA0-gzugS5GYBDL40N1HGL8N6l4yela0aWShO_nmuyftje9kWl7n_tI6RhMgx8rWsohTj5oL-gphizbx2JHfAJ3jfEdDOUdsSVGqJ-ZsYK27sCCMQ02-GrYux8M5q5Tlco7mRXp_gvqmyV6PnurMayaNV54rHfMDIUWptGBq5reEt9x6ZH_-2JHEz44berJIrGJDGAXX2Ss72_1INEu4Teb6oCSqLXUlCFmKDRDcq0Z_5sZAXQw9cD3XtBKcbekgneNi4R6FJffs73mzi3aEKvWqAnONscnXah--Grc-jCcXCNb03ot7uH3K3oF_wjvNje7Bk2f3oLzb624sfYcrTaBePf8f5-2UXGYhh0NXnlyO2gyfxxpWnOBlvznf9_zJRlXd3wNHLB1GdJOhiL96ueJeBqHvfcpChn7J_Klc4s603vTSzVfYaQ1fxmvf8jABi7XtgRvRplCbJscn9mnjlAU7vTmutJQ3JwUbE1_pDsbTRk2C41UvgmkiKC1WOGNwQEgTmTa8eDsU-In6urhRE-9kBQc2ChmD0A9nIg-EPHoCOnR7AMcOsv7qUUHwcHTasmEmSvG91WOqlXpvp5LqaLc5Tchd0HiLTOMOlS9Lt4q87&cid=CAQSOgDUE5ymQVUREbVKvQj1EvpHSzvB3kJv5DY7tOBxvU3jRg2J_f2ujadrIEnrCQqYonmwrPhJ28SEM7sYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F54321.video%2F&ds=l&xdt=1&iif=1&cor=13439322969520042000&adk=3047537735&idt=146&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bb146cb965d84108002ac09162d54976f1e13cda13686cdd275b129767b938a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35828
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4F18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNUyvFNiWCO8P4L7lh-Itc9rdxlACQH3HD6deRffior-8BU_-hH-In0bne1SHJl853rmUV5ekLGP2Gbl3_XzJUSXU_TF5Ra9jSilu4aJcYU-JSLCX2i0Em0DPcaadRWSbwCHgMREvWsOYOWmD47v3axLaHczqeZpkQhU8clRPwozVh9DVSM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4F18
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmQJv-SY6AQDT5R-81H5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNUyvFNiWCO8P4L7lh-Itc9rdxlACQH3HD6deRffior-8BU_-hH-In0bne1SHJl853rmUV5ekLGP2Gbl3_XzJUSXU_TF5Ra9jSilu4aJcYU-JSLCX2i0Em0DPcaadRWSbwCHgMREvWsOYOWmD47v3axLaHczqeZpkQhU8clRPwozVh9DVSM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAjUrpbduP40sZXuEfN0sMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4F18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY25DA3gEwAQ&v=APEucNUyvFNiWCO8P4L7lh-Itc9rdxlACQH3HD6deRffior-8BU_-hH-In0bne1SHJl853rmUV5ekLGP2Gbl3_XzJUSXU_TF5Ra9jSilu4aJcYU-JSLCX2i0Em0DPcaadRWSbwCHgMREvWsOYOWmD47v3axLaHczqeZpkQhU8clRPwozVh9DVSM

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:07 GMT
AN-X-Request-Uuid: a1a93b50-bde0-4243-88f4-1d5492fd994c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.196; 80.255.10.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDt2QNEV59y4z96WXRpa9DA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F18
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

170 B
188 B

50ms
49ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 07:52:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.196; 80.255.10.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 749df52e-3ef1-4407-947c-67cdc73891f3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY2MjkyNzM3ODU3OTQwMzI5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E452 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:23:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3779 1 KB
643 B 11ms
9ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E452 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ad498195916c1681b8f7bc124559f1d40963746d380d9fea27800911528880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FE34 106 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 17:06:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame FE34 8 KB
3 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrLYA4Cs2H9XebI-bOR7bouific7pe12zqLf5Rk0KSFck0G3AJ8xE9gvbb5xhGk9wRIjxXKx9kqMaPKxdw_yCuxhr_llvtNIlYbe17x7tsy2zUzYYSI5qcasUR8HwZzKub4Qs3oZ3sffF-XlumerRkMqXW-IYKesstbZBUyuPe-8C0AK4&dbm_d=AKAmf-DhbnkOKWl0vy-2JppeKVOYJ-iYNnFNFdMEuhLXMMvaGmR-DZc-g8FFdLz6n7LPIpmLhQPrakJ_uGOCh2UwEHZmv5lGqIpa87TksbUMEABlgMClgqgBBtACR8ZLUhRpJLV4wyQ8CQmsA-RcP3jFXG2RPOjpud9-z5_Q-SWrBrGHwM1HqQGk6zNIkR_BFT0ejaqcol2_fpsy6yLXgA9_fK_5-e8bv1kQS-IAkdvaTUjBD_QshKtH4-1NQPM3ZW97o5s2_rZuZflfWA5mTzzFqdKtKKUFyF9FGB_v6CazMVPF68ev6i1OffjXHhJHTNHHuwpcNB5QexzVJTN47dMaWcQ6HlmXhsk2drgiJ3khXI1xEY2tYBUscChjFxcKcO1un0wzH0MSAMCupkOn2G08mfWfQc2lh615ghDZJq7SDu4uBnVuYj08nCAYNe16xkwc4HNTxYlYmEzCmNlXksBXzk03L__nj96a8XKyxX3_XZnmaV7oJ8E8VZPTJOcu1uDmc2CzA-c1VR8zueZ9bET8RbiYUFYyGSxv_Mz8L_TpBxGhKsnsAT-B8FVMVaUzCuZXLsJ-LajXo4M-FsdFt2OlpF2hUZNVB0-DdiCeeyBOXZk9bqRWwO9vHsq-zqTJLKrSzP7ZWiUv9vf61RPBf6eqxrfSZf0l0qHhH5PbUMTBuSSBoEKK4WDk39_CHvj3UIWvrWt2AF6LLhxe9eHOTivEBHjGCtGwHqHg0DLB2SpX9cmzjIaGzvNaBD9a-Gw0wvZX7vxCaMvUiowFVxoZIMI3NgjijFutDYeVulw_f6jegZDZr6nJHX2bMj18lEs_lwrxcMrOc9-_JcWzTYFm0LgP5_k_V1vyVwDjB027txtGnWfSX0WSxrlWhSmbcdqfpUetVJFMN9Kt_xgdV23I36MExx8g9fynO55Wr_mnOc2bIOCL23UQTX1RKmIWcr34GNsdbuFap-nLmSVL_1t91ZI3kFQntkLBu1oFLdcx8F6nqWixMjEPnNXRunWBLBAmcDsAgCqhtpjdfuxqRL6WNi7MCMD6YVDcnmMPQt3ZNQJwRhfGDmsUTGPAJnwLk4rowFfaIrUf5Kg3JupR0daVngu50kGc04B2gT4N5jaF2ZECPa22ggmaTAfAfp_plas_5etUA0yrwgDH1rBk6JJ29cHFs3l43LjhdjNKBk6PFyrbNp3iqGuRYrmCMkCu0bWA9spl_nzC1YSMQs8ixHEizRVmjV7t8qj11PuiHjSoQxcOPv97DI8pMXZ9tlJUxJkdBo0GoeB36FjGxHN6g4vCCspdvyvEG_hT5Orxf9dsIH1EPsMfkc2g5OvLnpJpZt10BRKQI0YZ0611iECt1y34h8OlKfzDD6UWjiyr6eEJGvRscM4E26GB3AKjNtQZOdcWFpdgo9fv0Q0bMeyGmc-EbzurR8IvIEsM5dt4wCDWo9bhEgMXuSR_lb0HAokBNMf0KKPLC4-FEu7WNoTyFm3FgQkW83PMlUpA8uxBzOrk7ywrD8N0ZmVDVSg6X5IDsmAIYyUpJ2QoGcc5TuZNavDh3A209KCErVZdRCQh_oBkWKqh3ak0DuSr69nvcCjSzDYTwFDEE_xRfo5MfWjfqbPZ1lyP2ys8J8rCFwtaOkYr9NG0ZDJnshaZYFDpI5_ym1u3XyZArNihpXTUuOa2sIqfmSK1sdozyzCnJqv0S0pouULTPaJaFoFBv_DbsKcEzIzkbbLzcv3ZKgGYskCXJjL6u6Q-oojoRIwmPBnXEJnD9c4E7zSE5U6ecQZki67tVe1yW4hqkIyCyVvh4IN51eP4fGagMQAEcD_BltcEqtCcAWDUSpJ_G3fmtJ1Z6UW_mQ7lqpUqoIqT3lbjjcuP4nppJgwpVKFFmvjbFg02VLOqrfYTt-tPnh3gIuWOU63BGdAb-2rV48HIq1tuiu4Cy1NS2ZC5wASvz5mP5nxFKbsraoM3DmHVbcwTdal9KbUx4Oh61zoacflOPq3yrZsCbESq16EJs6u-gQadLBjXjiq-zWKe9OykOKEq_odaDq3yIjohBC0ifMfDslOzZaAwZqCmMg1DwvQUtYUPEY_J0Jb0yHXS10t3KAdMlpQOJtS99Aw_h0s8PCrkCGPqZ3hQgByYvuMVaX9AvXBhxLoEYwmCKkD-qMStpnfRlVm1eQYqbBsvCyzn5MqLfZcMz4RAKaKxeZ3HQRzbujIi3UT0X3MaudkOqtbwPBP0dMdc3D_aBj9YhZYclCoGWQfyjdmpvsqapYT9Nno3Icp3qVnVAm0iqODoIfoFmtHm9lX-OXEFUdVkpu_blffyh5cdPslnA1osWAZqSgGkqi_XZK24EuNK0S6q1l26zZLqz0fmkzNpxWa3q1wMtS5XFFWHozCe37TxWdVYzCTR20aP3GjGutzexi0SN11rcV6qxzrCfOzA0KjOrF-K1txeIF7X4njJxEVRuUrNZ7NOZhsndnSXsd-xyw13sywY4SWaEcYqUF9OfSaMMOCBy5cCAPg3uy_mjUFsuJQcpyZzCMBVP4tWB1TbDWVSFvUfo0RcfX11tgLBNvzoCpyaLsbzMoW5BQGR3OKkqK22UKRmVS-nhDxOW4Qb3-BONR3HIDT62Y5Q3S8JBGz-A_N1Zx8_wLFKKVgRQaPrgCc_r8816eehOuqC6eYNEUpUmuv_BJdOB8qy4xPV6qfvol6kQ00xORi3QMO3qv5UUpSa5FvGUtCWgUEPI213Ttfu6-o42hRmaki2-1fH0VQEOAZxbr32ykbDcOvH33zW-NWm8h4k687JA0-gzugS5GYBDL40N1HGL8N6l4yela0aWShO_nmuyftje9kWl7n_tI6RhMgx8rWsohTj5oL-gphizbx2JHfAJ3jfEdDOUdsSVGqJ-ZsYK27sCCMQ02-GrYux8M5q5Tlco7mRXp_gvqmyV6PnurMayaNV54rHfMDIUWptGBq5reEt9x6ZH_-2JHEz44berJIrGJDGAXX2Ss72_1INEu4Teb6oCSqLXUlCFmKDRDcq0Z_5sZAXQw9cD3XtBKcbekgneNi4R6FJffs73mzi3aEKvWqAnONscnXah--Grc-jCcXCNb03ot7uH3K3oF_wjvNje7Bk2f3oLzb624sfYcrTaBePf8f5-2UXGYhh0NXnlyO2gyfxxpWnOBlvznf9_zJRlXd3wNHLB1GdJOhiL96ueJeBqHvfcpChn7J_Klc4s603vTSzVfYaQ1fxmvf8jABi7XtgRvRplCbJscn9mnjlAU7vTmutJQ3JwUbE1_pDsbTRk2C41UvgmkiKC1WOGNwQEgTmTa8eDsU-In6urhRE-9kBQc2ChmD0A9nIg-EPHoCOnR7AMcOsv7qUUHwcHTasmEmSvG91WOqlXpvp5LqaLc5Tchd0HiLTOMOlS9Lt4q87&cid=CAQSOgDUE5ymQVUREbVKvQj1EvpHSzvB3kJv5DY7tOBxvU3jRg2J_f2ujadrIEnrCQqYonmwrPhJ28SEM7sYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F54321.video%2F&ds=l&xdt=1&iif=1&cor=13439322969520042000&adk=3047537735&idt=146&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:50:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame FE34 28 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:52:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13293732149038802661/ Frame F05B 13 KB
4 KB 177ms
21ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f179cacf70d4ef2a4e5771fc877aeb78f7d81ccbd4ac91675d4d7763a387cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 167902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3801
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 09:13:45 GMT
expires: Wed, 06 Mar 2024 09:13:45 GMT
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E452 0
0 219ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuZ8pWeVsPCkhqykxvFMqNKe1TXWzNCLELfYIlpMsu0S9G8JnziL7vc6HQaJsVU5iwMqwBBXJFMW1kHjZQz6Z-lAMLjLAlr4wqNFF00RCSAjBUqUuUH8yjmDiBhJwQrTkfKJUeOoVrEjznB27Iu37nFsmurJhEekN6ULTNxTzl0yOBqMsrYpej3LcIPAPDA7zjw0gt6X3A09HTvkgaNWHgfAvpbwUdsjppD8HezIhenxAqJ2va8ZlQmh4MwXxhSGxfgVECGPej7lBPjupPG7Gnf02IbcwEg1pIHP5BekYEJ-d0Bb0GoyvrzqHwVC5GJt3kcQ1Bmts_NkqH8rS2mk1OoCXc-B16I_UhceLTU9HKCAMf08lZXU7YltEb-1mb42ojVrDhP2K5ezpLiMZqvDmCoOaI7adCMJAgKos4nPZD9gz1orwwRF9d_WMZDdW4eAlOD-oCD1GhjD4UT6XFdnmlNTLMrU8DIbJsAWL4H0vv56JCqszIhMqNA-KIn1otvmFM74t9uaIY_KXcNBL8-Mx2kqLT-QyITUShJeljszeJm5RPix0S7dbgrLlWLSNakm1lRdigcBnqKqfENtccJP2_8XcRcBV2OCLNv26SDa2sOTv6du0E8c3-Br6CNj6iEYWwtS79v7nSIgzey9Wq2ztO3DYkyS7fVOjWvzelOs9GZMu1uvSkaC5EzNkVDppsAT8m4Z4VrqYup-eWrQlHivvam_UCZLd_jxPmYblcJahgYWRRj3uG1PCEMjIiDxUDGVd_mVi0bMp1HP_P0HQ9VSLqSDWMR3a3_U4Vn-kNOg4x6p3MUF3q1_Op5hpwNTErHkTPSiYYVyQRAhMbxls_GmWxizWaOmmjMIm3JYkrrDV7mD9NUoy-c_Bse3FaFIefqr0p-pgLLH_d1jZuxyKFXDpSyWFQnjtpsvJ0rVT25-jJAn0NZPcC3Ug7CZC7yQS9FipkX4vBAI7nSZBRtVJjoHJ8-6bKeW41VXkmAXxRMg_RMYgJOnKoHqfJa4L2mCnZdNOSoP074ZL2GqPLEIe8Ee1eaJPu4n2Ip5CBxEJT4T6HCCgS4aGaKXk9Um8kNqJwoE5lA39wkz98aXg-9O61U10WoV__j-AX-Q1KGEDnlYDRwnfBfwCSdGRyNJpaOgv_bGa_Av_V5EQfHjHIWoyojqY0ipHBt5ntYqqf1OWr_rYuS0RqqgyuHu4LkawZyw&sai=AMfl-YTZSeO1UKdvWppYYHFGoF3zMB_DAdDBY3VeZmd-lyIfTRZr3GdW2Xt1x5qII7QmgYsBOSgjpBsUJOgPGug1GEOQyCHAAlVzJG-yeUpaVJrhHDM7dO3YOvCTVIEFvjXKGaN-e0Hug99HB7gROzPZSlU5Bd8SQVURJX8dUV7SpqJRHBz9pwBOf83c5719rGurvTvE1eODAIXFhRzrKcn6aOHpWsBO6RJzUO1r4XBhfo8-RG4BxNJS9qgnp9lGz3askQ&sig=Cg0ArKJSzM3YoFbbdikhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=424&cbvp=1&cstd=418&cisv=r20230306.48782&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 07:52:07 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 478D 42 B
108 B 47ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9mlX59pYpgAAXEjLS0-haV3tVlItGh8g3pV_e0rqYVzlLjYBRRrz-kdIzN60_kZKNRpLXIm2yrfVBfJ8JpiFlFOStZTpB3F17uHM5ucrYTDuBOHky8mi4Q93tcSwQrT519jRO2A&sai=AMfl-YQEe1Fo9S4900XGmt61k5InqirZe1eCZQ-qgwc4H4CoVa5n5rLAGBXzj8JE5ytCkpw3kAWnKuQ_QWV8&sig=Cg0ArKJSzA-D8V_eP8YBEAE&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&id=lidar2&mcvt=1053&p=0,0,500,180&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678348325712&rpt=389&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E61 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn37i2J_VBLzpNLlGwOwT4vd3xYYO4BlyLajZpI-Ev5rLUJff2uSZerH5oiN6H5gdyWc4MeaOVuNIBgqfWgh3S6MwDl9WSwoAWXcI-RRV3FFJH4qwbRgSt9m9SiQ2pevQY63QFEg&sai=AMfl-YSzbjiNzURdcgwkdEBB999LGc2h9wCCSlSxYmQeLZ4iUW7p-uM2Ie3DSNNl7MMIW48nG9TGp58cZeF_&sig=Cg0ArKJSzLX_iZC_nxuCEAE&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&id=lidar2&mcvt=1055&p=0,0,500,180&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678348325707&rpt=375&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB19 22 KB
8 KB 23ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 12:23:20 GMT
expires: Thu, 07 Mar 2024 12:23:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3779
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECEoFEXpY14B1mZ9EnbK6oo&google_cver=1&google_push=Aa02lx9T7Wt42da68tGTHVBLOSGCvDykUZ8ePH5krSw-HnNMzxNalrNqa8A87qaVwwKXWBGulxj1weXID4lyd6_0H-Rld-ZOCXcd_...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA1MjA2MTQzMjU1OTUxNDU1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4gozQkpTDKHrK0uJJCVVk&google_cver=1

43 B
398 B

85ms
34ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4gozQkpTDKHrK0uJJCVVk&google_cver=1
Requested by: Host: 54321.video
URL: https://54321.video/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4gozQkpTDKHrK0uJJCVVk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3779 35 B
464 B 125ms
14ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEj4gnUf3luoS4S2VI1x9c8&google_cver=1&google_push=Aa02lx_CPc6O4eW5p-KyYYxCGfrCPxCTQ-HFnaVAh8Uv-1iM3CT_Iw-9sgPLBxjG2cSqOwvaqbwVBHDvqvFuAQFjG3xKeJaGwBixezkkmSuZa8QB2dBQFrP1vOegu_2L1WaQ8Pa7RchKMaPjPpH9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3779 0
173 B 132ms
21ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEz2woFVzBIGBnITGBMxA2k&google_cver=1&google_push=Aa02lx9Ws37NI8fLtIGMAunbdQzAyWR_e7YJFz84voeHW13wRrJQUFrHzW6GrkN4ojQVEY9XMN483iLtgijUlv6x8LKFqi-MNCtibrqQoNJKp9SsBSHOfPT-oOrCzXf_iD3qtq00d5mES1NXqM-I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3779
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESED6H714zjglXdaBFxxHYZ9M&google_cver=1&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9i...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9iOgIxR6-h8DWGwwL8tNqHExXz7Y885MS...

170 B
188 B

100ms
99ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9iOgIxR6-h8DWGwwL8tNqHExXz7Y885MSOlHa__01GgjqpDis&google_hm=Q0FFU0VENkg3MTR6amdsWGRhQkZ4eEhZWjlN

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:06 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-JKiON_S3KbtVcdtBVUkpxnAd0i5V7msgS9DgPusn102SAwRtNJD4AJv-fu3vkEQAnRq5oc69FLd60gVBN0I6jHTiLSgI9iOgIxR6-h8DWGwwL8tNqHExXz7Y885MSOlHa__01GgjqpDis&google_hm=Q0FFU0VENkg3MTR6amdsWGRhQkZ4eEhZWjlN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3779 42 B
213 B 132ms
22ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJJSewRXgGS6GfwmmA29Jwc&google_push=Aa02lx_IFdovJgc3et2Pp2njCP09ye4ObrgKQjQgaZbyqxVlR_8-7miOBtk2nA_AD0ocxoMxe4Lm5IvrLCW-Eqh56vik4NjbYxZCfnebs8YDUv7XTJPrVLUyyptLf0_CSd-an1tgckeZBP5Tiww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3779
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx_lwuJ0w3w2RHeYw9j6wOMcKXCQ30bRc...

170 B
188 B

43ms
43ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx_lwuJ0w3w2RHeYw9j6wOMcKXCQ30bRcpyqZRYw8kQqlgaSty7qMuJmP0eewq4itXkzXYLWhWVmtjoRQeg41iAXZJAcqSlGoQSXh9Gd_hvV6bjTeODln4c_p_FBOfPgQBJXqvR-VBKYr2sJ

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGS33nOhVHuH2xGaHq6_2v8&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx_lwuJ0w3w2RHeYw9j6wOMcKXCQ30bRcpyqZRYw8kQqlgaSty7qMuJmP0eewq4itXkzXYLWhWVmtjoRQeg41iAXZJAcqSlGoQSXh9Gd_hvV6bjTeODln4c_p_FBOfPgQBJXqvR-VBKYr2sJ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 3779 43 B
297 B 232ms
24ms Image
image/gif 2a05:d01c:1d8:8102:54e2:82c3:807e:8ba
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHP61trEXhb07TAZR3lZp0M&google_cver=1&google_push=Aa02lx-K6KHGSZ9QIpB-KkuaIFklJLPMTxnUXDB4xidA0nWSNAGb4fKBWztkSmVVpg5E2M2Pvb7UMRMyikA_eqEFxJfAMCVwlfluDj9trsCQ3xsK-Jl9OStAUHSuHfss5AFntnH1S21SZfzf1hQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=600&adk=4247381894&adf=3941934759&pi=t.aa~a.1313689495~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x600&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=2&bdt=2218&idt=-M&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280&nras=3&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ripUE68oiP&p=https%3A//54321.video&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:54e2:82c3:807e:8ba London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3779 0
12 B 44ms
40ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAjbXmvB4d_aZahmI0XJfXUcdtj1Z_HQLp5TxtYQfDx8IQTxrvTHBE60dJHw76vfaVx5d-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4519450596909494082/ Frame 9E2B 20 KB
4 KB 34ms
26ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b274881298b228e795cee87abea8079869d7aa7a5487fe0db8d0a7daa36bfa97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 526640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3777
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 05:34:47 GMT
expires: Sat, 02 Mar 2024 05:34:47 GMT
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE34 0
0 155ms
55ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulUd_9rHoYwJ_q7y4AQwr8zzKmhqs82S5UtdvN297OuiUDDWw-voMTj2-aqRp1f0dXUutP4xvS0ebCL8b5eCezBu6yjNVoUSxvfN_7SQwPi-NhArAqRmYLhUOjPANuYYc13MLir0Gy9NmU2hOZDM1heI58XAUgZLHx2_02vT9CnVHFWlGB1tOT8S1fx15Smwh-DURGsDcb67GKI7lG7hwIff3LdBG0i9cG5h_q41RyYeUH9AlFzA-m92zjVNZ_5qruVOBu--7jq-loKGbljRDUYQcG8iUOfFx7A-7OiJ-YNQ-3-JBPVhOeaE325Ebw9w_2VG67Ur23L5YNLgMwCBqVzDBDjyW01bvEMvGkVclqByTnmiigIHo-9gbBA1a86km9aN9uRvKMhWo009K9kOwLvaC2gwyM2jNFmqPhPPGX3fI0OBuS_HfxyoacB6KLwoTbFqhHdZT4f6cuT5FodslHyuT8tl1E2dJfFeFrpEz7FxxcDcSDHjZG3LMk5So8Esms_Buvk_lc5BAv6SS7WYh2yG3KVOKy-bF3d2N6YffGJ_t_vnQVXWS72nL4k2Ts5Dd7v1s2AkyrKDEZWUhHHkxnBKr3iRNEdSwyhckvXcsYrj8JTLR8PbM9KZNqefGeJBdNujQnyd6eXUWA-y6E9aenFXKSi-t3KPDsCKRCnKRLEMiMXiF2lGP4xSM0VRFp6v0JRIC1Cbh6v5Hlfg0CMcvEpBhR-JrGeyOpOvXARXZOuflV8X-sXkK8R80SniAW5fHnHyW6lkfcUnaXP0p1Pg67Nn8D2RYVlUfb-HLdKxv-raGns48VQPqMMB8Rb7OZ4I_ofOlnFe30ECCqfRQftYIU1oyPxdXyACbLPxjGR68DpCeplFue19d1tmn2TnTPKRlYlQfU_gU9PYguLxGNxD6l2jBwL0T82wWqhcEiBqR82uJBCsrpQkb-0RRXp5MCE4pT3mKvNCtfJ652iVQ2Lkp2waghJpvV6I4VpgfxeGEVKCU0NedgZuoZiJkKm3lTqH5ySXRktzFPdff_S9xEi1fQs4rmV-a_DbKaGPqy8WjOV-GZYILGbsOwg-Du9u3HtgvvrlMG_K6WPnMbuKRmus696SRtJZXEEDezuwDYD7sux3Fk0KCaiDCe2n1Dwj_8hOK7RWxMDkoMs4ESwHX_FIS78e33hoZdro93feUqVkciUaWqGCeosAZjNUbEyHEDz0Ox7_boT2YyHAkF3-flHg&sai=AMfl-YTdPNX-aEu8fL_cS7G57TOCCLvQjuwryk8z9RbP-X9Jmkbw1c2bfvuapi95WsWs5NzgA70Rtu4xDMsMDeP0io3Xq5SSJ3Wn0UP9lGEUXSmQzdFzecSOnWoDn3v4JwWi4m5eSVMv_a37ag2kjLr8NBVU47Xi3d_14UvE4uDlCOet45B3sopdeSc7URKunStWZsgp1mstRfuhJeMOvklYHvVisbO9CSFBHHZEMqx5yMx3xzv-WfB7jS-PsF_N5E-OiA&sig=Cg0ArKJSzMgovkP73J4vEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=219&cisv=r20230306.32319&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 07:52:07 GMT

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=29181076;s.a=3213511;p.a=357376930;a.a=548234172;cache=3255617143;
ad.atdmt.com/i/ Frame FE34 0
0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FE34 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:23:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D115 1 KB
643 B 20ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FE34 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84efd0a2012bd265b32449331db3b4fb225d3402fc88b6248cc0ee7a1ebffaa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame 1B2F 82 KB
30 KB 110ms
22ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: ebads.net
URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 17:44:12 GMT

GET
H2 200 style.min.css
ebads.net/modules/mod_socialads/assets/css/ Frame 1B2F 601 B
350 B 123ms
123ms Stylesheet
text/css 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ebads.net/modules/mod_socialads/assets/css/style.min.css?4dd4cbdc19bf0ad7c39f516c2e18be9b
Requested by: Host: ebads.net
URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 16c347b15fc1129b5fb1e73f3052176caca9a34db07e64907d2dffba1d964a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
content-encoding: br
last-modified: Fri, 19 Aug 2022 00:43:35 GMT
server: nginx
etag: W/"62fedcb7-259"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css

GET
H2 200 flowplayer-3.2.13.min.js Show response
ebads.net/media/com_sa/vendors/flowplayer/ Frame 1B2F 16 KB
6 KB 131ms
131ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ebads.net/media/com_sa/vendors/flowplayer/flowplayer-3.2.13.min.js?4dd4cbdc19bf0ad7c39f516c2e18be9b
Requested by: Host: ebads.net
URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 97ca04630b0848ff65357666d0649f534d1c834c7554f0372a52c594a9722da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
content-encoding: br
last-modified: Fri, 19 Aug 2022 00:43:30 GMT
server: nginx
etag: W/"62fedcb2-3f97"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 rotation.min.js Show response
ebads.net/media/com_sa/js/ Frame 1B2F 2 KB
892 B 137ms
136ms Script
application/javascript 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ebads.net/media/com_sa/js/rotation.min.js?4dd4cbdc19bf0ad7c39f516c2e18be9b
Requested by: Host: ebads.net
URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 33da2cd882ee8fd8fdeacd0b5927a3d1eb19c398305bca91c323d4fada4d84d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
content-encoding: br
last-modified: Fri, 19 Aug 2022 00:43:30 GMT
server: nginx
etag: W/"62fedcb2-74e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 herbalife-tanya-loaded-teas-shakes-banner-800x150_1677616637.png
ebads.net/images/sa/ Frame 1B2F 470 KB
470 KB 287ms
250ms Image
image/png 2607:f1c0:86e:9300::35:242a
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebads.net/images/sa/herbalife-tanya-loaded-teas-shakes-banner-800x150_1677616637.png
Requested by: Host: ebads.net
URL: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f1c0:86e:9300::35:242a , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7e4931e0535cc91d3e31a3457f371d91800c1eaa392810118b6d4f7f58691b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebads.net/index.php?option=com_sa&view=remotecontrol&adData=%7B%22ads_params%22%3A%7B%22ad_unit%22%3A%22sa_ads35%22%2C%22zone%22%3A19%2C%22num_ads%22%3A1%2C%22ad_rotation%22%3A1%2C%22ad_rotation_delay%22%3A10%2C%22no_rand%22%3A1%7D%2C%22context_params%22%3A%7B%22keys%22%3Afalse%7D%7D&format=raw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
last-modified: Tue, 28 Feb 2023 20:37:17 GMT
server: nginx
etag: "63fe65fd-756e8"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 481000

GET
H3 200 a6fc438daf2c8cc18f7294c60eb5597b.js Show response
s0.2mdn.net/sadbundle/13293732149038802661/ Frame F05B 57 KB
15 KB 23ms
22ms Script
application/x-javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/a6fc438daf2c8cc18f7294c60eb5597b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15831
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 13:38:15 GMT

GET
H3 200 eb8068ee5f230353a3ea4ff96293282e.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 282 B
228 B 23ms
22ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/eb8068ee5f230353a3ea4ff96293282e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8718fe8083954d129a045f62607fa70de7d1524566871cb54c06da95c0654f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 17:08:24 GMT

GET
H3 200 959ee20a682391be3c1ff5a2c77afaba.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 31 KB
1 KB 23ms
22ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/959ee20a682391be3c1ff5a2c77afaba.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1eaf0b8369441ed0c7f30d3e1b5dbc310ba8008354876451549d0284259024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1332
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 16:53:12 GMT

GET
H3 200 550bdc05437a689234b6839bf7b821ce.jpg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 23 KB
23 KB 28ms
25ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/550bdc05437a689234b6839bf7b821ce.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c93e2a5aa2c55fc43c3514ef841c2fbf8c1302b044994f8adec4e28577ae99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:14:41 GMT
x-content-type-options: nosniff
age: 578246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23536
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 15:14:41 GMT

GET
H3 200 6761c05e4f3d3c25fceccc133874cb01.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 812 B
476 B 25ms
23ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/6761c05e4f3d3c25fceccc133874cb01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701a47236c4a039990b75297af0a2882c6e988037dcf03437926105321e6ef37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 447
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:35:04 GMT

GET
H3 200 6ce0c32da87ad74e333e0afb0e54bb54.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 5 KB
2 KB 26ms
23ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/6ce0c32da87ad74e333e0afb0e54bb54.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c3f7020f3671e67ea03411b07fe373877e54c96e26ae41003dc906316bdfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54720
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1859
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 16:40:07 GMT

GET
H3 200 132830991b5f3ebcd41b38fc9b044c76.jpg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 30 KB
30 KB 94ms
92ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/132830991b5f3ebcd41b38fc9b044c76.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe76caeba5d2ec967bf503b94737dafe0be9d2d3ddc6d7975f875882665ef604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:14:06 GMT
x-content-type-options: nosniff
age: 95881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30212
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 05:14:06 GMT

GET
H3 200 416c33c95bdecb4023e00e2e7a8a5d92.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 777 B
444 B 95ms
93ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/416c33c95bdecb4023e00e2e7a8a5d92.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2cc30b4b11efbb9d31e5f68ce34fe94d3f1beeb2bfe6107fa4aea019c9a9e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 12:46:51 GMT

GET
H3 200 bdc71a86b87122353e222ba2eadf7561.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 147 B
169 B 94ms
92ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/bdc71a86b87122353e222ba2eadf7561.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa8e03bb3bec58cf34cd631e6ec6f54dde7d9c503ae00971ee2fe4b0af0ade52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 17:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 17:10:23 GMT

GET
H3 200 9a1f06acaad12e0bc5597dae5764b4bd.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 6 KB
2 KB 95ms
93ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/9a1f06acaad12e0bc5597dae5764b4bd.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b03eeabebb391f37e9bc9a00f8d375446f77826d25616217420084f42c1652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2123
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 20:23:03 GMT

GET
H3 200 94acaede235f8d924344bf5006e216ff.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 2 KB
948 B 96ms
94ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/94acaede235f8d924344bf5006e216ff.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24868759eff62f746c33f115e121528a0d9f23e41b9b0f2edb68881cfbe9e357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 914
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 07:26:57 GMT

GET
H3 200 4300861fed8a328dad64b1042c5461e3.svg
s0.2mdn.net/sadbundle/4519450596909494082/images/ Frame 9E2B 2 KB
1 KB 95ms
93ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4519450596909494082/images/4300861fed8a328dad64b1042c5461e3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbcdef9a2e7c285f3dd6a8091ea2610e9b5317a121f1b06ec8b3d3dfb3ef393e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4519450596909494082/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1119
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 13:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:15:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A2E7 22 KB
8 KB 23ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 12:23:20 GMT
expires: Thu, 07 Mar 2024 12:23:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D115
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBtiu_rFx5PDtv11EJkd6DI&google_cver=1&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb92EiH3jCw7ef_y9PK6vpUizUcyJAChmkNPwtdhYkEn&google_hm=jsK_Zb2B0TeP...

170 B
188 B

64ms
58ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb92EiH3jCw7ef_y9PK6vpUizUcyJAChmkNPwtdhYkEn&google_hm=jsK_Zb2B0TeP78fO5JP5JQ

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8ELaIwWMmFcJi0Sx3dnYyx9fJO-F5I4VpBKeQ8nQZZHqHxGYnVEb92EiH3jCw7ef_y9PK6vpUizUcyJAChmkNPwtdhYkEn&google_hm=jsK_Zb2B0TeP78fO5JP5JQ
pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D115
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-3Hl_n...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx-3Hl_n...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDkwNzUyMDgwMDAyMjI4MTM4OTAxMg%3D%3D&google_push=Aa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gok...

170 B
188 B

47ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDkwNzUyMDgwMDAyMjI4MTM4OTAxMg%3D%3D&google_push=Aa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gokka_pNzl3GrJgGrxwRo66ZSoaBBpUhw

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDkwNzUyMDgwMDAyMjI4MTM4OTAxMg%3D%3D&google_push=Aa02lx-3Hl_nDnlGKmRReSpopMqmcyXr6mJUib7eNXdLYY0Y5y-I0js_LTJbICcoK38gokka_pNzl3GrJgGrxwRo66ZSoaBBpUhw
pragma: no-cache
date: Thu, 09 Mar 2023 07:52:08 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 09 Mar 2023 07:52:08 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D115 43 B
351 B 173ms
58ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOLpwj9HyBWebPMxuKcwuyk&google_cver=1&google_push=Aa02lx9sdptk4HlKUhaX9kps0jWlJONIy4a3DtKKX_sQrrO6Nsaco30gk6oltgEhQL-6ewqkEj8bTy4T5fCWPHHq-kx0v26N1aU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6253689186017899&output=html&h=240&adk=654859220&adf=1596821958&pi=t.aa~a.1313698392~rp.4&w=250&fwrn=4&fwrnh=100&lmt=1678348325&rafmt=1&to=qs&pwprc=3495258229&format=250x240&url=https%3A%2F%2F54321.video%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678348325595&bpp=1&bdt=2218&idt=1&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D008c714547832f9e-22a1fdc546dd0001%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MZp6s38GD2Y-eI3haXDpb-tRUQkfw&gpic=UID%3D00000bc29d5b6e85%3AT%3D1678348324%3ART%3D1678348324%3AS%3DALNI_MYpW67ouDpxI5YKwedQiOpwLMndEQ&prev_fmts=0x0%2C1200x280%2C850x280%2C250x600&nras=4&correlator=6717609331106&frm=20&pv=1&ga_vid=1692931144.1678348324&ga_sid=1678348324&ga_hid=502074941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C44772269&oid=2&pvsid=1126670180076050&tmod=1340165703&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xOPIG2GZYC&p=https%3A//54321.video&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fugu29ei5fjnfjutouki32rmbs9qhn3g

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D115
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZBimibiqTxqtx-KWqokocw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
53ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZBimibiqTxqtx-KWqokocw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_W-IR4JCZwI6e49WSYZf63yHSrFrWDrxuUBrxIFc-k2Z7vuK_pwk1r4dckn1M6O_OCLPYgOzRZDkzv96jRv5_POnK8b5DA

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZBimibiqTxqtx-KWqokocw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_W-IR4JCZwI6e49WSYZf63yHSrFrWDrxuUBrxIFc-k2Z7vuK_pwk1r4dckn1M6O_OCLPYgOzRZDkzv96jRv5_POnK8b5DA
date: Thu, 09 Mar 2023 07:52:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D115
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKF3XooG318Tt2F4UPw8LRI&google_cver=1&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwVDlETkMtMjUtQ1JRMg==&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4pV6RJQHLGMpijo9ye94Nk7Jsh

170 B
188 B

45ms
43ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwVDlETkMtMjUtQ1JRMg==&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4pV6RJQHLGMpijo9ye94Nk7Jsh

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwVDlETkMtMjUtQ1JRMg==&google_push=Aa02lx9OL6MGjXrz739tbnayDhVkT-pPZXp--s7ahmxepzZ0jdrqFXiMuaqkTDwVHwUzuQXlSV4pV6RJQHLGMpijo9ye94Nk7Jsh
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D115
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx-o3w8cSNkqQ8Pf8SRLaFJ0wFtLO6dYb...

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx-o3w8cSNkqQ8Pf8SRLaFJ0wFtLO6dYbTLgURaDxXtu5IS6tMEylp2TQc9pmMkrT8Hzht0GVvCavdzTBigzPMpdmXooUQo

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 07:52:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHcNHAtHJ5IHavo9YnMtrJ4&google_hm=ZAmQJv_SY6AQDT5R_81H5AAADLYAAAIB&google_nid=index&google_push=Aa02lx-o3w8cSNkqQ8Pf8SRLaFJ0wFtLO6dYbTLgURaDxXtu5IS6tMEylp2TQc9pmMkrT8Hzht0GVvCavdzTBigzPMpdmXooUQo
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame D115 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D115 0
12 B 59ms
55ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgwHMfHo3KENERtOXycSnduSltu9-NqWpm_Unl7avkDhZL2xEedSSPj-Rj6dxRXjKFiOJ8cQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame BB19 36 KB
14 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DCB 42 B
64 B 77ms
75ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6dTy8E5PTIy882NBFhlphuIed084xyv4RsgOC3f92JD1EVo9RsE8QL-KHAwBrQARyDQLFsM2G2NjEeDOznEa1ahgh8xHHvkOD0Nx6xg5BxVrwMXzRNosBNHdwnxjUaznIW1x14A&sai=AMfl-YRPDIZMwSLgWIe6o-O98kEaMp-ujhqYMHtcpb5wkHeT21Q1SLL4DYApcQYDtyqHkQnxu6WWQJ3Hb9ZW&sig=Cg0ArKJSzEG1mtTAsWGgEAE&cid=CAQSGwDUE5ymu6x6fUM5PEyVoGfwp4WmXxOy33CbXxgB&id=lidar2&mcvt=1020&p=0,0,280,1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1993245050&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678348324291&rpt=2093&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9881d7df0b300d92200ebcbe31ea57a7.svg
s0.2mdn.net/sadbundle/13293732149038802661/media/ Frame F05B 2 KB
796 B 48ms
38ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/media/9881d7df0b300d92200ebcbe31ea57a7.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 07:01:02 GMT

GET
H3 200 5651b9a0da97eaae45c4323a7b9f789d.svg
s0.2mdn.net/sadbundle/13293732149038802661/media/ Frame F05B 15 KB
5 KB 52ms
41ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/media/5651b9a0da97eaae45c4323a7b9f789d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

367b2d87adb7229bad1192b9e62eec6603cfa94dacab88f68c08158b342527bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5387
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 18:58:45 GMT

GET
H3 200 ac4848f5dbf9aff1f6f13ddd9583fb81.svg
s0.2mdn.net/sadbundle/13293732149038802661/media/ Frame F05B 13 KB
4 KB 50ms
40ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4549
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 19:26:45 GMT

GET
H3 200 c47a56467d7806c94a9953bb95c1e91c.svg
s0.2mdn.net/sadbundle/13293732149038802661/media/ Frame F05B 7 KB
2 KB 47ms
39ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/media/c47a56467d7806c94a9953bb95c1e91c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac844676f509734b1097c23a6f007746c5c29ea8995fc3499f87841094aa775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1817
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 05:41:44 GMT

GET
H3 200 bfb145a64f74e892297169fa60a74aa1.svg
s0.2mdn.net/sadbundle/13293732149038802661/media/ Frame F05B 44 KB
12 KB 50ms
42ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13293732149038802661/media/bfb145a64f74e892297169fa60a74aa1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7445b15985bff8d1911cf49ade51d502ac43f40063b0cec581a4c6a03aeb7134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13293732149038802661/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12543
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 11:01:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 13:38:16 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame A2E7 36 KB
14 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 07:29:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 899A 42 B
64 B 82ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubNZbE2vaHUBevmbFNSncPK-yi9jfleA9xqCJ7ufVF68O8cqiczO7Psbb1KcReOTh2e_-GIiJWGXyxjZ0jdlSGOQOcerws_7xuMb1Xltgb_RnWgpNEf4QPaKulgfdXwOhiDqRwBg&sai=AMfl-YR6iDz_UsCW3mkfvQOIEIkh6lI-8pegzsmbeWupXs3qjUzikP8NbasdtIOCGSdChXolhcPRaN95Z0Lm&sig=Cg0ArKJSzLSEFDZ7A81PEAE&cid=CAQSGwDUE5ym0CE6mFi6npLn54y7rnXI9XrYDhWdchgB&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678348325698&rpt=757&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE34 0
0 49ms
44ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulUd_9rHoYwJ_q7y4AQwr8zzKmhqs82S5UtdvN297OuiUDDWw-voMTj2-aqRp1f0dXUutP4xvS0ebCL8b5eCezBu6yjNVoUSxvfN_7SQwPi-NhArAqRmYLhUOjPANuYYc13MLir0Gy9NmU2hOZDM1heI58XAUgZLHx2_02vT9CnVHFWlGB1tOT8S1fx15Smwh-DURGsDcb67GKI7lG7hwIff3LdBG0i9cG5h_q41RyYeUH9AlFzA-m92zjVNZ_5qruVOBu--7jq-loKGbljRDUYQcG8iUOfFx7A-7OiJ-YNQ-3-JBPVhOeaE325Ebw9w_2VG67Ur23L5YNLgMwCBqVzDBDjyW01bvEMvGkVclqByTnmiigIHo-9gbBA1a86km9aN9uRvKMhWo009K9kOwLvaC2gwyM2jNFmqPhPPGX3fI0OBuS_HfxyoacB6KLwoTbFqhHdZT4f6cuT5FodslHyuT8tl1E2dJfFeFrpEz7FxxcDcSDHjZG3LMk5So8Esms_Buvk_lc5BAv6SS7WYh2yG3KVOKy-bF3d2N6YffGJ_t_vnQVXWS72nL4k2Ts5Dd7v1s2AkyrKDEZWUhHHkxnBKr3iRNEdSwyhckvXcsYrj8JTLR8PbM9KZNqefGeJBdNujQnyd6eXUWA-y6E9aenFXKSi-t3KPDsCKRCnKRLEMiMXiF2lGP4xSM0VRFp6v0JRIC1Cbh6v5Hlfg0CMcvEpBhR-JrGeyOpOvXARXZOuflV8X-sXkK8R80SniAW5fHnHyW6lkfcUnaXP0p1Pg67Nn8D2RYVlUfb-HLdKxv-raGns48VQPqMMB8Rb7OZ4I_ofOlnFe30ECCqfRQftYIU1oyPxdXyACbLPxjGR68DpCeplFue19d1tmn2TnTPKRlYlQfU_gU9PYguLxGNxD6l2jBwL0T82wWqhcEiBqR82uJBCsrpQkb-0RRXp5MCE4pT3mKvNCtfJ652iVQ2Lkp2waghJpvV6I4VpgfxeGEVKCU0NedgZuoZiJkKm3lTqH5ySXRktzFPdff_S9xEi1fQs4rmV-a_DbKaGPqy8WjOV-GZYILGbsOwg-Du9u3HtgvvrlMG_K6WPnMbuKRmus696SRtJZXEEDezuwDYD7sux3Fk0KCaiDCe2n1Dwj_8hOK7RWxMDkoMs4ESwHX_FIS78e33hoZdro93feUqVkciUaWqGCeosAZjNUbEyHEDz0Ox7_boT2YyHAkF3-flHg&sai=AMfl-YTdPNX-aEu8fL_cS7G57TOCCLvQjuwryk8z9RbP-X9Jmkbw1c2bfvuapi95WsWs5NzgA70Rtu4xDMsMDeP0io3Xq5SSJ3Wn0UP9lGEUXSmQzdFzecSOnWoDn3v4JwWi4m5eSVMv_a37ag2kjLr8NBVU47Xi3d_14UvE4uDlCOet45B3sopdeSc7URKunStWZsgp1mstRfuhJeMOvklYHvVisbO9CSFBHHZEMqx5yMx3xzv-WfB7jS-PsF_N5E-OiA&sig=Cg0ArKJSzMgovkP73J4vEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=543&vt=11&dtpt=319&dett=3&cstd=219&cisv=r20230306.32319&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:52:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 07:52:07 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E452 0
0 66ms
63ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuZ8pWeVsPCkhqykxvFMqNKe1TXWzNCLELfYIlpMsu0S9G8JnziL7vc6HQaJsVU5iwMqwBBXJFMW1kHjZQz6Z-lAMLjLAlr4wqNFF00RCSAjBUqUuUH8yjmDiBhJwQrTkfKJUeOoVrEjznB27Iu37nFsmurJhEekN6ULTNxTzl0yOBqMsrYpej3LcIPAPDA7zjw0gt6X3A09HTvkgaNWHgfAvpbwUdsjppD8HezIhenxAqJ2va8ZlQmh4MwXxhSGxfgVECGPej7lBPjupPG7Gnf02IbcwEg1pIHP5BekYEJ-d0Bb0GoyvrzqHwVC5GJt3kcQ1Bmts_NkqH8rS2mk1OoCXc-B16I_UhceLTU9HKCAMf08lZXU7YltEb-1mb42ojVrDhP2K5ezpLiMZqvDmCoOaI7adCMJAgKos4nPZD9gz1orwwRF9d_WMZDdW4eAlOD-oCD1GhjD4UT6XFdnmlNTLMrU8DIbJsAWL4H0vv56JCqszIhMqNA-KIn1otvmFM74t9uaIY_KXcNBL8-Mx2kqLT-QyITUShJeljszeJm5RPix0S7dbgrLlWLSNakm1lRdigcBnqKqfENtccJP2_8XcRcBV2OCLNv26SDa2sOTv6du0E8c3-Br6CNj6iEYWwtS79v7nSIgzey9Wq2ztO3DYkyS7fVOjWvzelOs9GZMu1uvSkaC5EzNkVDppsAT8m4Z4VrqYup-eWrQlHivvam_UCZLd_jxPmYblcJahgYWRRj3uG1PCEMjIiDxUDGVd_mVi0bMp1HP_P0HQ9VSLqSDWMR3a3_U4Vn-kNOg4x6p3MUF3q1_Op5hpwNTErHkTPSiYYVyQRAhMbxls_GmWxizWaOmmjMIm3JYkrrDV7mD9NUoy-c_Bse3FaFIefqr0p-pgLLH_d1jZuxyKFXDpSyWFQnjtpsvJ0rVT25-jJAn0NZPcC3Ug7CZC7yQS9FipkX4vBAI7nSZBRtVJjoHJ8-6bKeW41VXkmAXxRMg_RMYgJOnKoHqfJa4L2mCnZdNOSoP074ZL2GqPLEIe8Ee1eaJPu4n2Ip5CBxEJT4T6HCCgS4aGaKXk9Um8kNqJwoE5lA39wkz98aXg-9O61U10WoV__j-AX-Q1KGEDnlYDRwnfBfwCSdGRyNJpaOgv_bGa_Av_V5EQfHjHIWoyojqY0ipHBt5ntYqqf1OWr_rYuS0RqqgyuHu4LkawZyw&sai=AMfl-YTZSeO1UKdvWppYYHFGoF3zMB_DAdDBY3VeZmd-lyIfTRZr3GdW2Xt1x5qII7QmgYsBOSgjpBsUJOgPGug1GEOQyCHAAlVzJG-yeUpaVJrhHDM7dO3YOvCTVIEFvjXKGaN-e0Hug99HB7gROzPZSlU5Bd8SQVURJX8dUV7SpqJRHBz9pwBOf83c5719rGurvTvE1eODAIXFhRzrKcn6aOHpWsBO6RJzUO1r4XBhfo8-RG4BxNJS9qgnp9lGz3askQ&sig=Cg0ArKJSzM3YoFbbdikhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=929&vt=11&dtpt=505&dett=3&cstd=418&cisv=r20230306.48782&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: 54321.video
URL: https://54321.video/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS