chicadventureit.com Open in urlscan Pro
2606:4700:3033::6815:5bc6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chicadventureit.com/
Effective URL:
https://chicadventureit.com/
Submission: On April 19 via manual (April 19th 2022, 1:49:26 am UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 26 domains to perform 170 HTTP transactions. The main IP is 2606:4700:3033::6815:5bc6, located in United States and belongs to CLOUDFLARENET, US. The main domain is chicadventureit.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 30th 2021. Valid for: a year.

This is the only time chicadventureit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3033::6815:5bc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:b400:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:1c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
2 13	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6 15	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 7	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	52.205.82.149 52.205.82.149	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:16db:9a62:bb6f:30eb	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1 2	2a02:2638::1c 2a02:2638::1c	() ()
2	178.250.0.157 178.250.0.157	() ()
1	52.223.40.198 52.223.40.198	() ()
3	151.101.193.108 151.101.193.108	() ()
170	34

20 2606:4700:3033::6815:5bc6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chicadventureit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.33.220.100 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.34 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Monrovia, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.82.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-82-149.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:16db:9a62:bb6f:30eb (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	243 KB
30	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	275 KB
20	chicadventureit.com 1 redirects chicadventureit.com	398 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	623 KB
16	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 acdn.adnxs.com	76 KB
9	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	356 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	6 KB
6	adform.net adx.adform.net — Cisco Umbrella Rank: 3977	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 300	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	109 KB
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5993	543 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1173	758 B
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282 fonts.googleapis.com — Cisco Umbrella Rank: 46	37 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 44987 get.optad360.io — Cisco Umbrella Rank: 26184	199 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 824 s.tribalfusion.com — Cisco Umbrella Rank: 2497	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7579	914 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1879	24 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	5 KB
1	adsrvr.org match.adsrvr.org	546 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 62017	551 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3110	1 KB
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4515	618 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576	535 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	860 B
170	26

	Domain	Requested by
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net chicadventureit.com www.googletagservices.com
20	chicadventureit.com	1 redirects chicadventureit.com
19	s0.2mdn.net	chicadventureit.com s0.2mdn.net
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com s0.2mdn.net
15	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
13	ib.adnxs.com	2 redirects get.optad360.io googleads.g.doubleclick.net acdn.adnxs.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net chicadventureit.com
6	adx.adform.net	get.optad360.io
4	encrypted-tbn2.gstatic.com	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	chicadventureit.com
4	googleads.g.doubleclick.net	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com chicadventureit.com
4	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	acdn.adnxs.com	get.optad360.io
3	encrypted-tbn3.gstatic.com	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
3	www.googletagservices.com	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
3	prebid-eu.creativecdn.com	get.optad360.io
3	prebid.a-mo.net	get.optad360.io
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	script.4dex.io	get.optad360.io script.4dex.io
2	ajax.googleapis.com	chicadventureit.com s0.2mdn.net
2	get.optad360.io	chicadventureit.com get.optad360.io
2	cdn.jsdelivr.net	chicadventureit.com get.optad360.io
1	match.adsrvr.org	get.optad360.io
1	portal.o2online.de
1	fonts.gstatic.com	fonts.googleapis.com
1	a.rfihub.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	fksnk.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.gstatic.com	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
1	fonts.googleapis.com	d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
1	cmp.optad360.io	chicadventureit.com
170	41

This site contains links to these domains. Also see Links.

Domain
www.optad360.com
bg.chicadventureit.com
fr.chicadventureit.com
hi.chicadventureit.com
hr.chicadventureit.com
hu.chicadventureit.com
cs.chicadventureit.com
tr.chicadventureit.com
ko.chicadventureit.com
ja.chicadventureit.com
el.chicadventureit.com
da.chicadventureit.com
it.chicadventureit.com
ca.chicadventureit.com
de.chicadventureit.com
lv.chicadventureit.com
lt.chicadventureit.com
nl.chicadventureit.com
no.chicadventureit.com
pl.chicadventureit.com
pt.chicadventureit.com
sv.chicadventureit.com
sr.chicadventureit.com
sk.chicadventureit.com
sl.chicadventureit.com
ro.chicadventureit.com
uk.chicadventureit.com
ru.chicadventureit.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-30` - `2022-08-29`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.a-mo.net R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://chicadventureit.com/
Frame ID: 559EA45D2C555B6A70B1AD53076E2A7D
Requests: 54 HTTP requests in this frame

Frame: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E81CB0460BCDB47C2575DABB0B546F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF3C52A8AB15EDFD1A6BF93707997A87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB00015CF756EF1CEA08C2D1C6D059BB
Requests: 2 HTTP requests in this frame

Frame: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BE74840C1E30FA98398284360DB2B2C7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXxUZzW62gGt8n90u0alIL8im-zpWp1RWIkIqiAPD2KDGpw7XMb2ooeOfQ7tAtjjgVd5_UoCJDA6LdyoNS3MVtRKDsjB5Q0pqQr0qXAH7fTi18Sle34mZ0znwTZp2t8blO1AUuRphqfCOtQpNH6H57ZYaUTgp4bwqppZjx5ySYBbv8I-mmo9cyM45vkDO5tj0czEpUqkZ7pY0cao-Ol-FOgqM7T-Q
Frame ID: 09A312D1A0465A7F5D2E0C58EB751353
Requests: 5 HTTP requests in this frame

Frame: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8EF0E94FF2866FB76613AEEC4E62B27
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_t_4xgEwAQ&v=APEucNU5Ih6smLQ6RZlkjNFR2gRtRP-AnQumQUSsKxn7uY0NOLn5N6NMiqPMo7mv_gd-vebthx7vP3PjBwXuJs8YN-ucq3aDlX8Mi7H9qGbDb4wljx1topUUzAc5DuZT9ozXUDRaGoipSwMyFbl8j51fTLLDvx1VADm0AMpDyayQ3WBGJnljJbKXM50qn-KRP_Z0Dj_Es5JtWSCFjdLpPJ6kZcx7s47zlw
Frame ID: C7E47E9F874ECE3C5B5B9E1CD948CF89
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B93E611329B03B294D1E86501417C570
Requests: 3 HTTP requests in this frame

Frame: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8CD9CA52EDD61A29BEB29E9508ADA10A
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
Frame ID: 8FB23D989CE37A478FA23039C1C5DA46
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 616B31D50FBC70540C688C3FD61D1BAA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
Frame ID: 77A0E40298241FCEE1B0A37B64259227
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10CF0FA0C22600D3B15C0B831781395F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: AD16482EA77619571AE661EB980BF292
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: D33A7081E6FFD377E9EE9FEB8340769E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 9E253CCBB0AE081CD582C688A11A7E29
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7923D46748DC2B36BCDC2D64A33AD014
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7B2743FB143D836D282C1ED605859586
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7C67052BCADA54857409177B8DCF3A83
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citas Interesantes

Page URL History Show full URLs

http://chicadventureit.com/ HTTP 301
https://chicadventureit.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

170
Requests

91 %
HTTPS

56 %
IPv6

26
Domains

41
Subdomains

34
IPs

5
Countries

2353 kB
Transfer

4953 kB
Size

28
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.optad360.com/en/?utm_medium=AdsInfo&utm_source=chicadventureit.com
Title: Ads by optAd360

Search URL Search Domain Scan URL

URL: http://bg.chicadventureit.com/
Title: BG

Search URL Search Domain Scan URL

URL: http://fr.chicadventureit.com/
Title: FR

Search URL Search Domain Scan URL

URL: http://hi.chicadventureit.com/
Title: HI

Search URL Search Domain Scan URL

URL: http://hr.chicadventureit.com/
Title: HR

Search URL Search Domain Scan URL

URL: http://hu.chicadventureit.com/
Title: HU

Search URL Search Domain Scan URL

URL: http://cs.chicadventureit.com/
Title: CS

Search URL Search Domain Scan URL

URL: http://tr.chicadventureit.com/
Title: TR

Search URL Search Domain Scan URL

URL: http://ko.chicadventureit.com/
Title: KO

Search URL Search Domain Scan URL

URL: http://ja.chicadventureit.com/
Title: JA

Search URL Search Domain Scan URL

URL: http://el.chicadventureit.com/
Title: EL

Search URL Search Domain Scan URL

URL: http://da.chicadventureit.com/
Title: DA

Search URL Search Domain Scan URL

URL: http://it.chicadventureit.com/
Title: IT

Search URL Search Domain Scan URL

URL: http://ca.chicadventureit.com/
Title: CA

Search URL Search Domain Scan URL

URL: http://de.chicadventureit.com/
Title: DE

Search URL Search Domain Scan URL

URL: http://lv.chicadventureit.com/
Title: LV

Search URL Search Domain Scan URL

URL: http://lt.chicadventureit.com/
Title: LT

Search URL Search Domain Scan URL

URL: http://nl.chicadventureit.com/
Title: NL

Search URL Search Domain Scan URL

URL: http://no.chicadventureit.com/
Title: NO

Search URL Search Domain Scan URL

URL: http://pl.chicadventureit.com/
Title: PL

Search URL Search Domain Scan URL

URL: http://pt.chicadventureit.com/
Title: PT

Search URL Search Domain Scan URL

URL: http://sv.chicadventureit.com/
Title: SV

Search URL Search Domain Scan URL

URL: http://sr.chicadventureit.com/
Title: SR

Search URL Search Domain Scan URL

URL: http://sk.chicadventureit.com/
Title: SK

Search URL Search Domain Scan URL

URL: http://sl.chicadventureit.com/
Title: SL

Search URL Search Domain Scan URL

URL: http://ro.chicadventureit.com/
Title: RO

Search URL Search Domain Scan URL

URL: http://uk.chicadventureit.com/
Title: UK

Search URL Search Domain Scan URL

URL: http://ru.chicadventureit.com/
Title: RU

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chicadventureit.com/ HTTP 301
https://chicadventureit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAVfsrrC9dl03FcMHUh6vrA&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl4VI5B.aeG1ka.OE46rFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENni_bNJ6ZNKffZEuo4rJmM&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl4VI5B.aeG1ka.OE46rFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEPEQSviJV7DFufHuxjl2tw&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

Request Chain 124

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPo29dv-ay6wcNFgN8_xPzk&google_cver=1&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUqw1SChQC63u8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUqw1SChQC63u8

Request Chain 125

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 126

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHbnhaynV3vfbevGjJ-0eI8&google_cver=1&google_push=AYg5qPI2AkrnyqfdweNC29SgRaOTmTatReon8GKVytyHL_oamkIPYAvyMujhnEmgx_TlVI-55lAkoh1XeACkfR2qoLOnSxxTcKGh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHbnhaynV3vfbevGjJ-0eI8&google_push=AYg5qPI2AkrnyqfdweNC29SgRaOTmTatReon8GKVytyHL_oamkIPYAvyMujhnEmgx_TlVI-55lAkoh1XeACkfR2qoLOnSxxTcKGh

Request Chain 127

https://fksnk.com/cs/google?google_gid=CAESEE9deTj3D9mN_lb3BpEExEk&google_cver=1&google_push=AYg5qPJLK5KTO4J44G0Ns_wfuI8kfJSp8I7iGk12qDckdUHnV3KOMxTdSb6aLIPHzfSLcMGyHwQZcqZyejUox5CFV2uRXUbOoBpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUNEMDczNkVBNEFFODk5Nw==

Request Chain 128

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOKYH_D79q7TYR2orXkDdDc&google_cver=1&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm8ccA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm8ccA&google_hm=ODc3MDAwMTMxMTM2MDk0MzAxMg%3D%3D

Request Chain 129

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ9UEU4dZItoIHZdDxKcrWk&google_cver=1&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdIqjm4HWLq1dUt2dAVGs_pU3kjBE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ9UEU4dZItoIHZdDxKcrWk&google_cver=1&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdIqjm4HWLq1dUt2dAVGs_pU3kjBE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UbXRmRTFGRTJ1RTJxTkFYX3dVWjEuY1JMVlZOUjVyLn5B&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdIqjm4HWLq1dUt2dAVGs_pU3kjBE

Request Chain 130

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECWaxDRuJ3cSPpyUWkDMI_g&google_cver=1&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWXuQETO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWXuQETO&google_hm=OTA0ODI0NDMwODMzNjM0MDM0NA==

Request Chain 160

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchicadventureit.com%2F&domain=chicadventureit.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=YukVqnxuL1h1akViMEpJbEpPUTk0ZTBwZjdnR0tSNjd2Ty9LU3JBYnJZS3l5eW5RQVdtdnJXK3FiR3FPcDl5L1A1cmpsdHhrTE1pS3BKdVZQUUlSeVZ0c2JaMm0wY3ZGL0E4MjBkb25HTmV3TGRBS3AxcTNVZURodjZTU3E2TGxlK2ZFMHJOSnA0S2dFNFpwM0grVjRkWER5SDAySnlnTjB2R0FQbHpvVjBmUEdORjFNZkRiekN3WlUzTDNUS0ZsYm4wVWtTd1EzZWNDNWkrTitiSlY5K1ZiTGhoMDcxK2ozQUJyWi96K0d0RWRMYzJzPXw&cppv=2

170 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chicadventureit.com/
Redirect Chain

http://chicadventureit.com/
https://chicadventureit.com/

31 KB
6 KB

109ms
76ms

Document
text/html

2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9368b1c1b3caf76b4b6bf0558ec7d32ef03b2e837cbb3a4907c5619d00aeefac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fe1fbae28545c6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Apr 2022 01:49:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=087oB6WqoGwARtGt7Ri4aKdccGGOGgJyp1gG1xbH0n4KrMpCOnV9d9fF7w%2FwPKoBzvUlVcS0TUrqG3D5KsRBoMJG7OllgK3wIH4NpFhVRmEX1Sa4EEStqWIYBXhpY1L5VPR8F%2BHyBgvmZQxv%2FSr9wUID"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 6fe1fbadcdac9a23-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 19 Apr 2022 01:49:20 GMT
Expires: Tue, 19 Apr 2022 02:49:20 GMT
Location: https://chicadventureit.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObtKaU9HuzAgzW656ttOU7q9o%2FwF7ZODk3%2BdZH3wTODh0Z%2FZUxbSctENZoFJp9fgDkCldTGrlR9H%2BkwT0TydnvHRZiY4rUE3F8BqQWEDmXcw8Z0GWwVcZNo2tcR8fx7NNCdx83%2FpdrGxqMo8UETG6x1U"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
chicadventureit.com/template/css/ 2 KB
926 B 26ms
23ms Stylesheet
text/css 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/css/styles.css
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 670523
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxb5vngqqKM%2Fk2Rb56O7HyJ1VmNlhWV3fgUD0KdpPiUwXlsC6z%2BDPY%2FSCMyAe%2FlHtvDozlBIrSrMcNmLpQmzt1dg337Ux6i5mu2L4bH0GDVruQtD%2BeiFCN22YYWtLbc1DJxX3vGh7x40jrBH5OxKd828"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8de5c6e-FRA
expires: Wed, 11 May 2022 07:33:58 GMT

GET
H2 200 bootstrap.css
chicadventureit.com/template/css/ 118 KB
19 KB 25ms
22ms Stylesheet
text/css 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/css/bootstrap.css
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c900cdfd1286918aef120e91f4e664aba4b1eabeb6a4c5f68a06acd446783ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687374
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-1d959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZKcU5JBirjeu2M%2FCtiOox2d5nWKCJb6oj%2FVTMoLOzn053r6ANH4nIGAmU81%2FcwpJ8P0nMrxK3qREJeqpmnDteHSDK5EMmochgBL3NGuqxNuC2S2PpKItFo%2BhLjGT6sq4eaQO7dD4LiR7xfX%2BFPAyg24"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8e05c6e-FRA
expires: Fri, 29 Apr 2022 13:06:27 GMT

GET
H2 200 style.css
chicadventureit.com/template/css/ 125 KB
20 KB 26ms
23ms Stylesheet
text/css 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/css/style.css
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066834a3134ff801b713ae5f6404b3e6db0e320a49a7a5eadcc2e0146dd07cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-1f34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaTW8cGf1g0dQba6k81rXUTZ8cv9LuyHK2eUZ0JAMLX9X6gvcxCOeTj80dCWXNrGz4sdLx8kEXW0Yfk%2BDiXioiw4vPjj%2BONcj%2Bbinaz4jWR6qMDrGcRBTck9vm4AorZXbJOYyMMl2W4cWze4HX0i7sxm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8e15c6e-FRA
expires: Fri, 29 Apr 2022 12:22:54 GMT

GET
H2 200 responsive.css
chicadventureit.com/template/css/ 21 KB
4 KB 23ms
21ms Stylesheet
text/css 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/css/responsive.css
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0d24aee71e49f30d6f5368c0821fef9dcda1f83a9c3eaf5bdcd2643cfdf99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-5211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPn%2BhxeeCfiRbNhey%2BLZFeWlWf5fNP%2Fe%2Bpff4wt6KQ3QnDaH2%2FDe%2FiCPhYvUO61y5SuFATn51lGbONg2rOsIksKDbUuNeOcivTZiNReHP0Vu23eNmXhbVKAkp06i7G1AzZsvCbqN%2Bz%2B8W3l5YYLjGi6r"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8e25c6e-FRA
expires: Sat, 14 May 2022 05:21:52 GMT

GET
H2 200 font-awesome.css
chicadventureit.com/template/css/ 37 KB
8 KB 25ms
24ms Stylesheet
text/css 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/css/font-awesome.css
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 422329
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-9226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXDt4oM3rqvJdNTMVNSl2RwyyYR1wSMS1rMHmLjx%2FLHKvB8Z8Goxy9TM9HVzKdYaIDFVtl4W7HvLFe49%2Bf3wtzDi%2FrlC2LhEFXQ7h2GymbydqAWpVN6Hxl6fFA8btjP%2BAlj2Q2rWwozyZDLkaPND6cAH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8e35c6e-FRA
expires: Sat, 14 May 2022 04:30:32 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 6 KB
3 KB 58ms
27ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2478463
x-jsd-version: 12.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR6W33iEH2%2BePcE5WLIvPNqNXDZJ6%2Beol1soZI0PAyur0iNmJAqTzdzfdpUjeKYXaZwKLiB%2FRS39g04gi1zxpFdiazHQspcDT3jyd5fCH1uUld%2FrnFsfdyWclVz9eQwV%2Bc%2Fp5LYCskrRHf1P%2FVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fe1fbaeff556931-FRA

GET
H2 200 f4825f72-7ded-48ee-8cdc-8374070df25a.min.js Show response
cmp.optad360.io/items/ 497 B
832 B 84ms
32ms Script
application/javascript 2600:9000:2156:b400:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/f4825f72-7ded-48ee-8cdc-8374070df25a.min.js
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 00:20:18 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 5344
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 497
x-amz-cf-id: 5w0wmO6tTey0dyqZeVsz03g1zYejH38GzRa713WgKzxP6qfWlcEPvg==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/0c4c153a-9099-4827-ab64-6788c7b23641/ 264 KB
56 KB 127ms
68ms Script
application/javascript 2600:9000:2156:1c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/0c4c153a-9099-4827-ab64-6788c7b23641/plugin.min.js
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d7d76f885ea7183c6405c61d9c78b7073d014bf9080e19a767ed2ae7cb875a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 12:31:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"8b0853331a6c6a29ff45757c27da70fd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: MXYj0lA7gQaseqCJuL69ihTvL4rGTP0wbVxK0S0xlqZSpTedaC4jwg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 149ms
39ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 18:39:47 GMT

GET
H2 200 jquery-migrate.js Show response
chicadventureit.com/template/js/ 10 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/js/jquery-migrate.js
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: W/"61c4532c-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ5xq8uJTsIADeixzw8OWQ0i%2B1W3l56g%2FKyI%2B2eRb%2BZDQWGDOLazCx%2BlFU0cLpG8S%2F8fiygAPxof8%2BUPsXi2LUWzbs%2BSLuds7fNwwG%2BfG%2BOZJDcSm55uE%2FLFSab%2BBbMvFXAC%2FaOchsyMe2TkyZUuLBb9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6fe1fbaec8e55c6e-FRA
expires: Tue, 26 Apr 2022 06:17:39 GMT

GET
H3 200 fontawesome-webfont.woff2
chicadventureit.com/template/fonts/ 63 KB
64 KB 140ms
140ms Font
application/octet-stream 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chicadventureit.com/template/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/template/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://chicadventureit.com/template/css/font-awesome.css
Origin: https://chicadventureit.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Dec 2021 10:45:00 GMT
server: cloudflare
etag: "61c4532c-fbd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7ZLnzEBklGFhKc%2FntRQjtfelllUXKeT10gQA1X4aVM0gm68yqyn4NUZTvUbEW4Liq%2Fgwe5p9AELj2Llo%2BI5KeXBiz0N0OKw3CiOqvsbgqvv69RMhtlStMxbqPTSjyosXkk52nvAb%2FiGnZxyxERtSQU3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fe1fbaf4937915c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464

GET
H3 200 20-fired-up-fitness-quotes-motivate-you-before-your-workout-session.jpg
chicadventureit.com/img/famous-quotes/70/ 24 KB
25 KB 79ms
79ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/famous-quotes/70/20-fired-up-fitness-quotes-motivate-you-before-your-workout-session.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ea26fe11a8ff106477b3b3a0aaa66f1b99f350a1ee232e7bd06604c7da22e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24796
last-modified: Thu, 23 Dec 2021 10:45:16 GMT
server: cloudflare
etag: "61c4533c-60dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CZbhf%2Fy5I6LgEnPz%2B4upO%2Bo0bP2wbB7SLhSuelUwz1j46Ra6XXf8Hl4UA1SxmemrOJcTB%2Ba9zDEcp2Uxg803KQvbPnxkYEKZPWNg%2Fy7bkwfkxsTVfpr8H7woQyJsJtprbeweO%2FMdLhZqxaNuicJBheI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a05915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 the-joy-is-journey-40-birthday-wishes.jpg
chicadventureit.com/img/happy-birthday/65/ 25 KB
26 KB 78ms
76ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/happy-birthday/65/the-joy-is-journey-40-birthday-wishes.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee59314ff756e2ec8b8a68a48da490129366ef50ef32119710951d3e3b8fb8f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25685
last-modified: Thu, 23 Dec 2021 10:45:10 GMT
server: cloudflare
etag: "61c45336-6455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R81YiMIwMZQNhRYGt4soPqRIGiO%2BGUTZwbQG9AJBTV2ffMv1Vh8UcnqDhsBTQ1Y5cLnEV7MJLJuRqVfNXQxqcQUL%2F7zDGb2CWt465X%2Ftevv2bJ1SfmTVcID%2BWuRomx0lMQXiSqAeWxWdFYA8Cy71jaaQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a07915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 happy-mother-s-day-wishes-for-those-beloved-women-our-life.jpg
chicadventureit.com/img/celebration/37/ 29 KB
29 KB 79ms
78ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/celebration/37/happy-mother-s-day-wishes-for-those-beloved-women-our-life.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a07c48518e1941bd50cb6b576aa187146a06b66b5c872256b1e8d00b1d6e048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29264
last-modified: Thu, 23 Dec 2021 10:45:18 GMT
server: cloudflare
etag: "61c4533e-7250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa7P%2F7XU2T4CBBj2VNbfannbfkYyQFj5iz7ogdP1HaZ9E6j0VyorH5E3skuigIDrqlVQzwJZJTN8WqTBnPtj4VDegYtJX7z6Qyz3pF5u3J5KamnhdLJuiG70SPEGs%2FVGMpieoMC73VdMwMBG%2B49wX3ES"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a08915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 40-boat-captions-sail-you-away-6.jpg
chicadventureit.com/img/captions/57/ 37 KB
38 KB 102ms
100ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/captions/57/40-boat-captions-sail-you-away-6.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b338a5903096e414eb204ccbc5bbbfcca2fdb9b18a8a6c8888d6b785e868fe58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38198
last-modified: Thu, 23 Dec 2021 10:45:09 GMT
server: cloudflare
etag: "61c45335-9536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18SFEF%2BTmolFJjbtCT90hsO8own54r5orQ%2FNlsFvTf4YgdkekcipQsGEeiLx2K%2FHCkJQtMA1AhxraDpMKZaeZcAH7hpaunla7QHdfOjbIaHi5njz3L429zji3h4MFb%2FusvYLNehaf0SOXEZqOVvQAq%2B6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a0a915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 300-great-happy-birthday-images-236.jpg
chicadventureit.com/img/birthday-wishes/88/ 21 KB
22 KB 84ms
82ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/birthday-wishes/88/300-great-happy-birthday-images-236.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f099dafdbfcdbbe1dbdde864859928b35d46c4237d1a5b6f83cdc73efe62e638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21865
last-modified: Thu, 23 Dec 2021 10:45:05 GMT
server: cloudflare
etag: "61c45331-5569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhrQGhSU6RA%2F4OWjlPCdb129Wf8nSVYv7mjAYSNKEpgCyZ%2FOYT4Lg3MhD9WVOiLoJD%2FQAOlGIBTQ8%2BzoiFW2QAEE9qkc6JdWP%2FTUwbEUZ0YhjqaQ3iDJQIGDf1xyQSacI0yWmEX9Swvmpz2usn6gFuUD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a0b915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 keep-fire-burning-188-hope-quotes-9.jpg
chicadventureit.com/img/quotes/50/ 19 KB
20 KB 84ms
83ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/quotes/50/keep-fire-burning-188-hope-quotes-9.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68ffab505ed660e23c532961cd93497c7fe9deb8b33959ffbdf88a664bda29e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19533
last-modified: Thu, 23 Dec 2021 10:45:12 GMT
server: cloudflare
etag: "61c45338-4c4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zblI5xVhDHeYgOvzLyc9d4WicWuPqU0u7EkfI4J%2F%2F0U2Q3LrLlvHm5cNf6yengFhRZ7ORCvlQmxV4njzGN3LoSQf%2Fmm5tB84RtBEixqyrJUGPjSeG3QRroZBIgPTuolC%2BGwy3oSbS2hy6Av9wyU%2BtUkb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a0c915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 on-off-instagram-101-sunset-quotes-9.jpg
chicadventureit.com/img/quotes/69/ 26 KB
27 KB 21ms
19ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/quotes/69/on-off-instagram-101-sunset-quotes-9.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ec73bad8e0374a5e5336e9fa396ef54b02677e3ab374b9933b89ac99f0440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26816
last-modified: Thu, 23 Dec 2021 10:45:12 GMT
server: cloudflare
etag: "61c45338-68c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xjdPUPJEOSvBBLxH4g0%2F9jlUld8eb%2B4sAnW5ynGxCtc0VZJgVBVDnLR7U82%2BIAA1uQ0n3nh03NDyGmNRJWbGoPnfzR3VCVBTAoUktCFcUMhn4OB5wevz6SDDG%2BcUwctIaqLOx5IWzuck6ZjiEIL%2FT91"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a0e915c-FRA
expires: Wed, 18 May 2022 19:47:13 GMT

GET
H3 200 one-million-nos-friday-deniers.jpg
chicadventureit.com/img/other/95/ 15 KB
15 KB 56ms
55ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/other/95/one-million-nos-friday-deniers.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830b1b11eaa6113a7e4d5051b373a7ac246675004399fe76f8d9d35748a56318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15120
last-modified: Thu, 23 Dec 2021 10:45:02 GMT
server: cloudflare
etag: "61c4532e-3b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuonBk4TyaIXYYqAgRqUKVxmBcpisTOfInXGgsXZPG00PPnNKEXPnNamp8%2F6ktLAVt8Th%2FeRx%2BcBa4NCOnVeztEvYM9z9L3WEMoQp1E6SuxUP5%2BHO%2BL5fVo3UqEqblb0wgOiOkpzygyQZi%2BKoPX0yo0A"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a10915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 45-famous-original-world-refugee-day-quotes.jpg
chicadventureit.com/img/famous/35/ 25 KB
26 KB 84ms
83ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/famous/35/45-famous-original-world-refugee-day-quotes.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b1289479872d12f4ebe74c3911ffcdea5cbe88082c504147d28ad2252111e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25985
last-modified: Thu, 23 Dec 2021 10:45:15 GMT
server: cloudflare
etag: "61c4533b-6581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0HLLdLUs0D8QemIo%2Bs%2Fur%2F%2F2JVNCY8GFhAK1VW5UwaZOHCVrv2YYarJBOGcX5Xm4wN8RTUihHVglfx8rtWNVz%2FSiClbN2AWBhkz3ln%2F5Rbnp%2BrJse7iAjG9F1IVLcXkvs%2B3S0Ekei%2BQW9NRwOJtAFhm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a13915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 55-colorful-flower-captions-make-your-instagram-posts-bloom-5.jpg
chicadventureit.com/img/captions/60/ 25 KB
26 KB 85ms
84ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/captions/60/55-colorful-flower-captions-make-your-instagram-posts-bloom-5.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 178258e256e08a58dda9256a7ec848356aca5bbc6541f72443f26879f59c7433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25918
last-modified: Thu, 23 Dec 2021 10:45:09 GMT
server: cloudflare
etag: "61c45335-653e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=238m3JooxQ7cEUeK17VOeD%2B5tSCIBcMjnmNKynJaafq%2BDuRD84KaVDjzaekg3Mct8i%2BmHZC3SPtfaXwyD9nxKCX3Y6Tkgrw7LNGbZiWG6OsGtTHrh07czXHBqwLt05W%2Bv5SakrFrUIoiP3Xvd17CamyK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a14915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H3 200 the-mind-skilled-martial-artist-135-powerful-bruce-lee-quotes-13.jpg
chicadventureit.com/img/quotes/50/ 18 KB
19 KB 89ms
88ms Image
image/jpeg 2606:4700:3033::6815:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chicadventureit.com/img/quotes/50/the-mind-skilled-martial-artist-135-powerful-bruce-lee-quotes-13.jpg
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf273d3ccf1c47a695d802c0d3a9a714797a9d20f0952381bce658627986d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18577
last-modified: Thu, 23 Dec 2021 10:45:12 GMT
server: cloudflare
etag: "61c45338-4891"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTmqtT1%2Bvjm1Axs5THnkfGemuXlGKUSyuo%2BnuAf6Qnzq%2Fe%2FgtlXbjmcSzC%2FQ%2F7A79t7tvyxW%2FSBRrtBfsVb26tJ61ANK9tcSJCBJkGpLklsf0wn4SPqX7FgbDjJ4gweY%2FT3RWGRgRllFftknOGh8hdfe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fe1fbb01a16915c-FRA
expires: Thu, 19 May 2022 01:49:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 149ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/0c4c153a-9099-4827-ab64-6788c7b23641/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

edd9fc92bd6b92cefee3d7b9261be4cad27d224674a9a42ee2b9e12da1fbef76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28478
x-xss-protection: 0
server: sffe
etag: "1190 / 230 of 1000 / last-modified: 1650320114"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Apr 2022 01:49:21 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 8ms
7ms Script
application/javascript 2600:9000:2156:1c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/0c4c153a-9099-4827-ab64-6788c7b23641/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:54:12 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 14115310
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5enc8XaKL6fWNC_laBQQYhP-KpTQLI2MqWCYzG0cf2Kh2n8_BnVyww==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 38ms
19ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220419

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88816b4e9d2b1e7455a8edb3b081950d1be6c35f4da7af91a166b9c9a8f1edb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38903
x-jsd-version: 1.0.1315
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA, cache-cdg20779-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66a-wQwi4smevNnXCt7tNKOGzazdc+4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoRiIaaDxUcRsjETfkUFNS57rtE5bmuBL5W6uuPXzYtU2UJjhgiCenBS0yCT7S5OJjHxDizKyVxW%2FTWAGh0zAHCPSTwo9Rnyos%2F4OtEEcWobnMWhK23Yh%2BIXENbggbOYzpXGq8eHjeQEn19zLrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6fe1fbb13c3e9279-FRA
access-control-expose-headers: *

GET
H3 200 pubads_impl_2022041401.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 67ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125916
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 08:34:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 10:57:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
101 B 76ms
38ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chicadventureit.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eedda56970a553f9b28a359c03f256e6b4cf7fd6ac3dc943c36cfe82cb90bc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76
x-xss-protection: 0
expires: Tue, 19 Apr 2022 01:49:21 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 105ms
19ms Preflight 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicadventureit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chicadventureit.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 99ms
19ms Preflight 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicadventureit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chicadventureit.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
937 B 70ms
21ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645010
x-amz-request-id: tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2: tx0c810f9b689a43feb0d6c-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Vpf6O7zNVoyvcWhwrwOq1MHFp2ubD6swtiX7icxHwVc0QNPVuEqe2MXGsAQhVJF4Z%2BQTXlEq8UMDiXuDiDm9gysNyIHDwCtN0N1P5e5e80Qs1n4KeG1t%2Fytil6uU3k08sj7vkXJ1OxxWGpW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1649687875786561
cf-ray: 6fe1fbb77b4b918f-FRA

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 2 KB
2 KB 104ms
61ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0f51e1d64ceebc368fa7f4158fbf5b865436b70c02782a8be02521c6a9de455b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://chicadventureit.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
205 B 736ms
536ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 442
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
6 KB 204ms
164ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c4086536e6efd7195668205a2d47d09bcbc40445729e835ee8c445e36d49dc89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 19 Apr 2022 01:49:22 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4eeac09d-d11c-4fac-9afd-b806860a198d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://chicadventureit.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 53ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
349 B 375ms
178ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 84
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
6 KB 213ms
176ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

737e89fcb9d16ab7876fd1e3eb66fc9f9e33d45d3a82193af44b16c701d7101b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 19 Apr 2022 01:49:22 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 17fb2df8-db10-4a5f-a04d-3e7f7c586919
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://chicadventureit.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
410 B 110ms
67ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 50ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 78ms
49ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx2ed6aae2e8c84372b0efd-006254407a
cf-ray: 6fe1fbb7c9709128-FRA
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: tx2ed6aae2e8c84372b0efd-006254407a
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNbHKnzM%2FChOdU89Zg2q%2FEO6DUOFV5uiUdk%2B7muwH8f%2FyOrHLZCoch465l%2Bpu8eCIuK2kz9ogpqGdxDf6Yo5V8epa3dts%2BERUj318ilrJKAoHRO99HKsbKPr5UXHPjqAbmKU5uVZwN1%2FAFxP"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1649687874851815
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chicadventureit.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
47ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chicadventureit.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 308ms
307ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=966469139129077&correlator=2055400558271225&eid=31067165%2C44761482%2C31065401%2C31065659%2C31064018&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Cjf-oeiras.pt%2Cjf-oeiras.pt_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&adks=3059254518&sfv=1-0-38&ecs=20220419&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.18%26hb_adid_appnexus%3D196e47895b554c7%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.18%26hb_adid%3D196e47895b554c7%26hb_bidder%3Dappnexus&sc=1&cookie_enabled=1&abxe=1&dt=1650332962830&lmt=1650332962&dlt=1650332961063&idt=679&biw=1600&bih=1200&adxs=436&adys=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fchicadventureit.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=1082374391.1650332963&ga_sid=1650332963&ga_hid=711448953&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

77f2f17c590dcfa914f5ae59068e74950c65f6711a649c5dc3dcadb150894dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7830
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 142ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46c4c5a62b2324121bd68ce3ac656cf674e7ca00506a533d706cde57be97382b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10794
x-xss-protection: 0

GET
H2 200 container.html Show response
d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E81 6 KB
4 KB 146ms
47ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: Wed, 19 Apr 2023 01:49:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 16ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
204 B 95ms
94ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicadventureit.com
date: Tue, 19 Apr 2022 01:49:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
6 KB 51ms
50ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

28c8505851b27df52f6ac1f2b8b95f799b2067681eb42985f069a37c6cfc328d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 19 Apr 2022 01:49:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e7ce9086-d5b5-4402-b0ca-f1683c6e8b27
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://chicadventureit.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
410 B 62ms
62ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicadventureit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chicadventureit.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 95ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chicadventureit.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
48ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chicadventureit.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 329ms
328ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=966469139129077&correlator=2055400558271225&eid=31067165%2C44761482%2C31065401%2C31065659%2C31064018&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Cjf-oeiras.pt%2Cjf-oeiras.pt_o3b_display_am_o3b_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C360x300%7C580x200&ifi=2&adks=1246843407&sfv=1-0-38&ecs=20220419&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.19%26hb_adid_appnexus%3D2822a6317bb0c74%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_adid%3D2822a6317bb0c74%26hb_bidder%3Dappnexus&sc=1&cookie_enabled=1&abxe=1&dt=1650332963072&lmt=1650332963&dlt=1650332961063&idt=679&biw=1600&bih=1200&adxs=475&adys=1100&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fchicadventureit.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=640&ohw=0&ga_vid=1082374391.1650332963&ga_sid=1650332963&ga_hid=711448953&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c2065a853af8601ee0f10b0e777bf41d57d707d6328b72de4c58480425763bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF3C 13 KB
5 KB 87ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 21:03:12 GMT
expires: Tue, 18 Apr 2023 21:03:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB00 783 B
1 KB 134ms
47ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

414910fe9db06a6f54091351d76170ae834e0887a4c8cef7e5d3a14c92bae7f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CBJ3DvgNuGpVl/dPy1tfRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-CBJ3DvgNuGpVl/dPy1tfRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:23 GMT
expires: Tue, 19 Apr 2022 01:49:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE74 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: Wed, 19 Apr 2023 01:49:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
36 KB 485ms
485ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=966469139129077&correlator=2055400558271225&eid=31067165%2C44761482%2C31065401%2C31065659%2C31064018&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Cjf-oeiras.pt%2Cjf-oeiras.pt_o3b_display_adi_o3b_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300&ifi=3&adks=669713117&sfv=1-0-38&ecs=20220419&fsapi=false&prev_scp=hb_format_adform%3Dbanner%26hb_size_adform%3D970x250%26hb_pb_adform%3D0.88%26hb_adid_adform%3D18e826fa451db1f%26hb_bidder_adform%3Dadform%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.18%26hb_adid_appnexus%3D172bcbb4ee8c709%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.88%26hb_adid%3D18e826fa451db1f%26hb_bidder%3Dadform&sc=1&cookie=ID%3Dc6874cb526e30ed7%3AT%3D1650332962%3AS%3DALNI_MZV3tOv3Rfdaed0oFC3HYyt0Y0prg&abxe=1&dt=1650332963176&lmt=1650332963&dlt=1650332961063&idt=679&biw=1600&bih=1200&adxs=436&adys=223&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fchicadventureit.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=640&ohw=0&ga_vid=1082374391.1650332963&ga_sid=1650332963&ga_hid=711448953&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

fe946a4fd9d49e400a43d4552efd7a2cebf4510a54f813432dcd1fd7d4872e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36851
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame FF3C 35 KB
13 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 09A3 624 B
975 B 138ms
51ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXxUZzW62gGt8n90u0alIL8im-zpWp1RWIkIqiAPD2KDGpw7XMb2ooeOfQ7tAtjjgVd5_UoCJDA6LdyoNS3MVtRKDsjB5Q0pqQr0qXAH7fTi18Sle34mZ0znwTZp2t8blO1AUuRphqfCOtQpNH6H57ZYaUTgp4bwqppZjx5ySYBbv8I-mmo9cyM45vkDO5tj0czEpUqkZ7pY0cao-Ol-FOgqM7T-Q

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:23 GMT
expires: Tue, 19 Apr 2022 01:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BE74 84 KB
34 KB 173ms
88ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp1OQCAs1N_Y8a5r3ezSFt_xQcX2Tj65XG8O9ntIK2uiTogaOIAM9yyTQOhb9b6aM9mbjoqtLljV3n-uE6BZBL_Vg3YXWosuB1MCPO4Z4_QP0ZOlbmqm4KQngrALau2Bj_UiJyDsJ9McZ7O0vIVn6r6ce37w&dbm_d=AKAmf-AVYf0CdxoLxNJIDW2BESW_gUzuQtEHPkcaMy7wE8L_nlKme7WxnCliU7abS_fI9CakZaOkdU946oLlwNpoT8UVW497AUiAZ8nVpq_CMi7qp00gqpSpRx5bJHbvzTo876vsWgzvXQZar9wmMQb40Xaq8AqOZGhJ_xs0IPhR2jvAKtg6caCJhDrMKzDfvvrak0qFxzG1njj_KP3Q0kW1CfeTrW31SXEFQKymM_NeCuLllYzEueC59KiQY9RvuNOFZAMSmo-hDT5tHM5M0nEuH17nGXvqwvrc7zjcQCx-N_wM2cjqjbL4AnszRTOywO7AWg9-bOeqfl4H66tbWgZKGqYfK47cA5KEd28KMIj4s6JaBrnAHzv-oqip4UoI6bTDn5fHNbBlsPudh3dmGOgdkEdtQ2T578Kp5n1S7RBns90D5Emvcf0BddnceAAssoQJMpq2D_QkArTp8ofr6SBM_hTHUQWCWDDvNgUWiAvMeKRdmjTyiUFxJfLN0-vMx7XjX-ncskFXrn5UvlpadzKaAw5vFMPDUl5tJZ7OuRNdPV1GNIP4Nb8fJ8ZfW4aT0Fu9RUQM3xfQu_HcR1yVRSQ3iCjijuS_PeEOdjAAxzVIVUiLasi5ysLvraYCQktA2FEkqWYWIQGEXwLTF6HkXZ0YKtUSFkCC1yH42kR-1Hj6eg1VqmoA9J-NMrthR16RRi8SiF734BpxKSuNxdT0Q2tbVfkLZyaFiJilExVkkQjdHo6VTgg_l-uSJwgOTnCX9uHL4kjiMfePuXoXrNuk-BbLxtNYpyR24oOxC85w78CfcvY9jAUQF4JsFXfQG1hL-seP00niQF8nhkRia8XNYapoVJSEfUVA2ZDDgROgfNFXcviMlhut7jjeDJ09kRoO3vbuF8EskqO7NtjLYcXmAn61jlWB570nxLIr62KgS2hCXlLRKAlHOGcAgOfwznRtgxDyViTgdPPfsYJOetqd4eeXPxo4foJ_wmyLmhlxw6AW8sEn4J0n_RGNHTAWpD4d24emj7hQN3knj0G3907qza0CiHCP_WdCxSISTNqt0hWqQAUkNFWwt-ehoNaITLHyrEcz6jn8m4IKV9dEmlHI4X4eXX_QEC9UcFJ93tJPzZSh4Gs_zsElkhJsidD7wam91oRC8d-TFZu7mq-AFe79HsjwDAVmMAUMqtEghR5YxEHg6Q8psrMxwkgljR8WM7SamNhEiqp6WZvBTsM85My2r7P4NlhAcDpoCggDUn5OB9fBOTytYdJGlNEeM1t8btuSmC-Z7_2F_BcbnuB5_dKUeuRzIeOkMH5RxFMRCOVgHnLFfB_aZIN_Mg9al3iLaXzzn5ySbbusjknGr0xIepNQWRn-G0Hnmf3NUAN0FWfdvE0suD40uNlFSVJfab3dr0wkqMJxbicjsL4aLoYrn8vFrkIAq2IsH-rhZsX4tapK9VXYZ4DUtj68SCDEXeXeVKnSaVLfCNVrQaoHbJ9wB7Y2MFJCc9jU2QSCWEzLpC_7A5-X4OH9H8CBiiQP8SklZY2NGy5T5EigkaIS1Ulgo0gt0hBSYgL-ecBTqlxLM_QoG8KCX2AvJ0cCt53FMqn5c8oXQHB5JkGvJil8dLDo9SqAsFenfayYNottU_U9KENg-eNOsp1hPAplwp2HFaUqR69YtKgHTuKoXZ_OV7MMC38YBtuf2n5U2Gv8XgcRIoEgggKbrojxYvHnN97DJz4Kx3YrbqcBGGi1GH1CazmArgloVCt3djqdNk_g1j5W2LCP9RIUx3f0H5Nn0PCAiFGJwqHnd6Azfd74aL3m-vOCqxUQsAPbQeZ4TNdZhaCCzMoaVhiFe6MMj7jiKK0mNMBsN9MyLKJMVLx6pBUAmB5KiEo7I9mJieYOQnRxsv3gbVS__iOlfCuP30p0qiIPs4HJw7-_L_12rOmBMnzUedTbrq6TR4XKrIZy_aPGd_q6YGMi28_lA-c1CAFa9odhunqTr_kD0JD_Y8jPxZg0nVEDWlp7Ze1GHTupftKLA2eaD3TlUMopGs5my3bwetKDKRpMZLp8irmVTH_yQSh5bgTtO1xzf6TN0Jt76drxgUDkuckFdWHW3nTGt0NC_7eJnMf7VEsYLs-WZwx8UWmytVYor62eMAwm3cHRDxW3sZWqVP4xAJ36GFIbxb-bFHaimnzjOLpEdoR-TB7MEDLUKIGTMSvhOXjP-KA_Mt89FYZQggOy-aFJj0PA9besqqo96RD5gfVo__lVpDXn1_sgY7gGwIp0rz7AylbiJFVBIVGOxk_44ldfnWoH_Lr-K79OQQ0WnC-M9es1kmPg3zeBu5I35E7TDluu6xIOknEOHw5C33MPHprPkTX0Y83oD2_QzHwER2AxOCl2Prdt_rqmLTGHLwh5RuzhQpvBk1SlO7qID-tKvdSO84ODBpvlAcKF-VCJfaM7shBJF2eVtpmxLp7rxY_8Pvh38wV-cJpkqeJ2Peru5QBRAPPtcOGxlg-6wIl5o6jU71fiG8Itddfd9Zsr8OySNZj0qkjJnBZAmjSIGLiCU5xL85cghBxTxX4d2mUDx05lrzO63LjbydhwEnRq2IMg3pmW5S9QKewWbhR7uc7bg1eeQsnMazok-7hDYPcT4BsJwoumbugIFvQCNFscNeJUmCdLtv-SWPRCsQTaT1E5ViP8VBpFXH2cxf7l9S6ypkXQHfRJpyX51hHf2G0qV_2U1PdDx9aeMQPs1YnwWByCP4MpJW3RrQWoN1AEemPTy_TFER7MR_kPmi2dGqVlnZBxg41mTtFtLzb3pBvkC4GrrqBpUtXw8DDH_iiwRIMthjiUdTT1MXygjgRBv_lBHtLCr6GQQzZvNvREuxnmQ1NjNPwx-K66pxxOa1Vpu_6_FHTt90jq1TFnnCIM26rZTgZSXp6-lPhnV7VrZASq80BJ0qFYuMrzUgrSYUdUQnKsYDgmdqu8qqjsZunwRdBz3hPJPDbKTqpoNOYFG1IyT5E4Iw0wChPJFCCN6XOXD-CGBxSZufJbSKOkJJsE6F3_pxynsd11BBG-0oJ5T8gX13GX8Wi3kCp0eCldLw-UFRRk5994gsdOT25XNSGlOLAk1uUHYqGJP5p4PYzUUQ3tiZZV1Kch978IrnjeRCF8Y4Fg_1sj5jZSQj9_-QATpZO5SJ3GTUCvLrQlP0hcWfVXHvhHjfQc8Ht06iie46jxxfYXc8laVGpyodGSPYHv&cid=CAQSLgCNIrLMyihRuG9pJNwnhVw3DLWOX8mccQGNJi49fTWq1WTq1g2VdGXjcwdzlMQ&rfl=1%2Chttps%253A%252F%252Fchicadventureit.com%252F%240

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3716cd9cdd8b6093b54200b02dc5720a018ded54580352da02853f0dd2f2f971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE74 42 B
63 B 125ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLcf9cM37FdY1suIGxB6u5ASvfdgunq-zkISlEG7bZ0HQZrFp5Skn40TvDHzOn9xHRdPALD3pQB2f4pNCSctQHuhUqoMQZDcIikdNyducEn5V5YdU

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame BE74 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:33:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE74 119 KB
37 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame BE74 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:34:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB00 0
0 117ms
87ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=966469139129077&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 container.html Show response
d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8EF 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: Wed, 19 Apr 2023 01:49:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAVfsrrC9dl03FcMHUh6vrA&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAVfsrrC9dl03FcMHUh6vrA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXxUZzW62gGt8n90u0alIL8im-zpWp1RWIkIqiAPD2KDGpw7XMb2ooeOfQ7tAtjjgVd5_UoCJDA6LdyoNS3MVtRKDsjB5Q0pqQr0qXAH7fTi18Sle34mZ0znwTZp2t8blO1AUuRphqfCOtQpNH6H57ZYaUTgp4bwqppZjx5ySYBbv8I-mmo9cyM45vkDO5tj0czEpUqkZ7pY0cao-Ol-FOgqM7T-Q
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 19 Apr 2022 01:49:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAVfsrrC9dl03FcMHUh6vrA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 09A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl4VI5B.aeG1ka.OE46rFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2

43 B
894 B

26ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXxUZzW62gGt8n90u0alIL8im-zpWp1RWIkIqiAPD2KDGpw7XMb2ooeOfQ7tAtjjgVd5_UoCJDA6LdyoNS3MVtRKDsjB5Q0pqQr0qXAH7fTi18Sle34mZ0znwTZp2t8blO1AUuRphqfCOtQpNH6H57ZYaUTgp4bwqppZjx5ySYBbv8I-mmo9cyM45vkDO5tj0czEpUqkZ7pY0cao-Ol-FOgqM7T-Q
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 19 Apr 2022 01:49:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 09A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENni_bNJ6ZNKffZEuo4rJmM&google_cver=1

43 B
1018 B

13ms
13ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENni_bNJ6ZNKffZEuo4rJmM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXxUZzW62gGt8n90u0alIL8im-zpWp1RWIkIqiAPD2KDGpw7XMb2ooeOfQ7tAtjjgVd5_UoCJDA6LdyoNS3MVtRKDsjB5Q0pqQr0qXAH7fTi18Sle34mZ0znwTZp2t8blO1AUuRphqfCOtQpNH6H57ZYaUTgp4bwqppZjx5ySYBbv8I-mmo9cyM45vkDO5tj0czEpUqkZ7pY0cao-Ol-FOgqM7T-Q

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09ea40aa-4dcf-48a4-8fb0-67c085bb08db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENni_bNJ6ZNKffZEuo4rJmM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 09A3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

170 B
243 B

107ms
43ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb45ec76-21ee-41f4-8b67-6ec12f951b7d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF3C 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zJdRaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C7E4 624 B
297 B 100ms
51ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_t_4xgEwAQ&v=APEucNU5Ih6smLQ6RZlkjNFR2gRtRP-AnQumQUSsKxn7uY0NOLn5N6NMiqPMo7mv_gd-vebthx7vP3PjBwXuJs8YN-ucq3aDlX8Mi7H9qGbDb4wljx1topUUzAc5DuZT9ozXUDRaGoipSwMyFbl8j51fTLLDvx1VADm0AMpDyayQ3WBGJnljJbKXM50qn-KRP_Z0Dj_Es5JtWSCFjdLpPJ6kZcx7s47zlw

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B8EF 82 KB
34 KB 137ms
90ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ch60KrZtIH1TYY2QNntCLySBnKhbxXiJUcqj_zO09ienl-8vgYq5Dt2A4IxqxnCdpq75h4rHv-1vQnP32qLlMN3ZIIUtsYTqoDS5uYVp6JOVoZx_tOYzVA_mBXt5EqqYfgATEhYoh_1OdbIuY-yC1xM61GnQ&dbm_d=AKAmf-CJ07jnQYt378iM8Qy3vLEe1nLQg5Sm2ue5bRZxtYEWszDaVkJEOjYtJoUDNppYQ0-2JEeNmUFb8rUheSaRD2MNHdz4rNrMZRuLE6N5a9LSK1VDZG94rKT8kKbMF6nHhDCbSDv3KWf3U6Bu_sgcjfUjRk1wt-DQz6XNfPz470rxMccMbxzRu5NzJL28T2IByvYQExLf3ZtE0OGIJeeXmhkqc5qJEEoRXVTnM4RK610Q9Kkw-bY7NvLQX0hwpakhmupg2M0LiK0uM48YxfmlV90MCUruWsZMxLa2jdY4dJ2h2hVs-rcsd4Nl6_ANYRt8gZY0Uu4IJiwtgw_4dM3VvVPo5DAVlVa5KdvVigKefopjzWu3vU-ReavhXHws9jYi7HJqoF9sC1QZSCiDUwDJjwIms21b2mUA1rz0_1QnzH4gZk6OR_iZdQOdjCHTUVySvh_VaMsxKYA7keAavTWJaEmZ9cv2W0Ne4WcBahmyz41x6r2lv9o-Xp20Dxfaq6RvnfOAAhmSyHIMDj8lXVBrjjiWc4Rn3Di2FOiq_0i9cT4nwWHjzscaOIJmB8rCP79JYDLU_3ngR034D1qDc3k4wCBMnZeLAH0V8xA1V56IHlWUwaEz8tE9TsUr7U8SZZ-pXZb7FILAwpjjH84Sel7_bTM05uhHERkVPKFpTtxeECzhNMaM5Qi7UxAQ9JRddiKoid1oUIioIuUvE6n8Ex2Nls4nvKwj7XRwKW7asx6P3KBbZXjHbXFNSLfrpuehd7vg-maRsFE4uXrlyNYo8duPNnnGBuAVC8Fghx8q31VZm3CZuF60VmrptwKVlZweub0GgWLQjhdrzSKFv1oZKhuaUssmd6q3JrZP-vbkbwBBHZoEPDo37pytA8aqVXhPlxYMQfjnKf-WfmqgknSzck8MaE5YqybK6Pkq4ycHxuEjRZMI6BSQ1oZTtXwrXyCuzSYAFdIJibXUegcmo9BNXZ8mG20rwub6spcRpJjzJoVDJvLDIuYytSd_qkU8z-I0hFGqFt1XHO3GtNoAXqGGKYHK_UD7ccBCKyHomRpte_yWAUqdb-ZARfKjo6jlji5lFI-VYFLqWldHkokaQnRaSDahVeytjJqxvX6WTx6JCBEZOzZm0bDzThnMuXYTpO0kNTwicDpkmBrr_6Oi5bzZ0ZF75nLTSL1YWEjl2PQ4SyTTp-m-edsHbtVuNKCgmfUap_-kU8cYyL3jtwBvVZozF5cro_IacHGHwYq4-33wQJBx_Dlylry8pwukpEQ9RyQqcsyuuhxdG4fylMe7dyGY5WkP4XbsSFEmLcZIklbDb_exoqiRInb2a6-wWztLCPbg8ljFEMQFY2UHj-6qTku0trUxIVn-ILSEd7JXPPmRXQYP3XnG8xkdl-AlMrkNE52imsPbTeNgwPM3ZfwMv1Rn2IcO8VoiyBv5aOI2pPS93fWV9fCk7x4JKsgYuv0TKXfvuSjQsVS0YCUluN1W4bs30mlI9nB078uYq2_8V21rCxv4hNGpi9WFqsEuCLjLLJE-GHyBaYnXWo5aRDUXyt-v9JbV7Tj5iQTDEnIDJxOchsktRkGfXgF18GPwLdp8yWNXwk9fo8hzB6rbvY6FEhIeNgPU2uysOaC15G-iChjaJMUQqvR8d_8TY9D2QJ9XqKNpx8QJmf2LuebDqtWVqjlEhb6EQkwvAu7jsLOtwy9vGJ0FxqZkhJBTcVLzW4JCArYD37LIABLc4QFOkj8MDGcAyvP75Khf3Lh5o0m-vZXdwxJ5WL8vkZ2sBbp6ufnjAeV4rhnCJpwgSTVI9XAbIa8N1pub7Em4NxVMILLjRJE3cr7R2ryzXbYA2Nm0ecv6SjomDRDWHFu-n2wEaGG1DoEYe0OE5BSXdryYLRTUq6llFYr58MWFPygbL9G7mtnTvTx5pq6cqzfX0sDaEJRHnM1eNOS7PJoi1dPOZXFb9pI2N8bjk8yZSdjBtdligBwEWP96HOgfNelpWmvLoDZfx-EL3706oRRpGHVZ3jp3toClBpXawTgXq0G8rILfyoVhChqKv_j66qVb5ihb6_Zi-CWmCWA0qheVVRikPLYr9c34w1recH8XBrelUTtxM-KuAhhHtyfNO-HaqzDQKHHybvvoIujU7U7SYBGxGjqaLPDNbSwtmRPvsjJp3RkzMNCm8VXY4hjtSA3WOSuFZu6ECKYOtz0O-VgWdZZOrYWCkgaAuXxm3s5t4KQJNupMnmEl3uKXGn4kagCejqn5SRSTO5iZFaW3BeYXpHIvHZF6u_9852u47hUde7YW6locTtW5nYyfNAv4o34hsZxBawZhufSGJRV6VkRXgUpJ4-YcFbEdLgPEkmCgt8DByMJIX8n2MT0fV5dA62PI_v2BXDxKc-LzHG0PyaPgVPVoMQTc4WnWfDaOIQO0Wb29CPkojMOZLAHjORqwXDem_fImiwo3rCBs3pcsjtwCqDihbR_PG1Sc-F72ajYbE7jWVCuOLZzOFo8Q1AkpMdY2ntyAr9Kqgb7VcIQwdvaKbuA8tu-dbbHPCckAsbNSuxTTRBMj0EwDvBIuGLwdnQO79gHMGsFMs-b7tJVAkPBdA-afjVhwlQ8WkQ31OYQOAqp0zToNoTrTYTAwwlvDx6mJDi9UeU5SgEmw2BP-N5bo3kHV7ciGAvMbPPe76QQdvCs2xyBcRT-f-trBYIFWywrVbcZFV4ro4EJ3p8sUXoLCjxBhlw816Vyyo2kYiXTEvrqbocgi5mLS__6KnRWGCGvgEUk84mFRnXxnkZeoaYHzRItoiFNqGCDtGhxrJzl2YC3ldPdLb5fi62lULpZLOaC_n6ii_4red80Mir29x-3D9l3dQESqPoYeYfPZI9DRofqBFZGbzfBo76Yx3DOlEBFOJOLrrujLksCcVK1qLi180nb5VhFqLqrftWOfZ0LJ5VPrBfuQsAyEX1GWxIxbzwFKx-0l-wAQ73no29pSMU-uPXVlRVuSMWe2N2p9BG3zyYbkgyTdXydh0aBcSpEz9VdDal_sJjVL78-bJBAwQ4g759K_kCqwHww1UZIUz6ZgrJ9eO7Zr5xc0RHuHh4iH4ji08w72b4MXYEPs2yBYVuPBM_1Dq3HPLClXDWNNNa0lyB9w7NE3XQkuowimTBVRGPfRa62xIUSsGAhhQ7rRtyr5ATY_kfbneGZQpnOvUb896RTfwwv8SOraU8Cy8BX-mPsWYc7XbQ7GxvVWx02Ko7lFZkXG83FIQmQQ-0W-NwVZ-RduWEvsyG5natQdZg74lu7I0pQ8gebBtEDXQshshR88gkqcn49fpUBlFbH1SmjrCm3PNE7iznxb0tRgWbe3MqmapkXx6mSxiJyi-dLrIAL88fBa6bo_EiayvPtTG7Wt8MlcivCl6hEoGCRbtmeDVGoPeaMN&cid=CAQSPwCNIrLMYWJk9tBkfr7CbOXSaIbKL8szulG_nYgQ28kKtJkyECr_fjcrPlEr5GhUjrkT72I8MOeWme6pNfQ-uBgB&rfl=1%2Chttps%253A%252F%252Fchicadventureit.com%252F%240

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b13ab51a34aa17e76007f94d62c1316ee02a373911f386da91d52335c9a356b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8EF 42 B
63 B 71ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ag1-CtKZ-BbnBDCQQ07u6CWGM4ZFgmzThllLFFUBDRgAyw5fGK4kfk7st-JZYWGuyRVd5LPnu3isER29vVB0dhLLun84t0tYmCU6Qfog7PRd98Uz4

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame B8EF 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:33:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8EF 119 KB
36 KB 102ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame B8EF 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:34:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B8EF 0
0 95ms
46ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQioF1vu_5AqfO6LK9FatgjFLzpnV1MzLA_l8tiPnQ4AyunN7ynDWiYzA8aJY0FkwrBxt9Tw1Ytf8m7EjPWxp4mWfCJjw
Requested by: Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BE74 170 KB
59 KB 155ms
40ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Origin: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 16:19:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame BE74 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp1OQCAs1N_Y8a5r3ezSFt_xQcX2Tj65XG8O9ntIK2uiTogaOIAM9yyTQOhb9b6aM9mbjoqtLljV3n-uE6BZBL_Vg3YXWosuB1MCPO4Z4_QP0ZOlbmqm4KQngrALau2Bj_UiJyDsJ9McZ7O0vIVn6r6ce37w&dbm_d=AKAmf-AVYf0CdxoLxNJIDW2BESW_gUzuQtEHPkcaMy7wE8L_nlKme7WxnCliU7abS_fI9CakZaOkdU946oLlwNpoT8UVW497AUiAZ8nVpq_CMi7qp00gqpSpRx5bJHbvzTo876vsWgzvXQZar9wmMQb40Xaq8AqOZGhJ_xs0IPhR2jvAKtg6caCJhDrMKzDfvvrak0qFxzG1njj_KP3Q0kW1CfeTrW31SXEFQKymM_NeCuLllYzEueC59KiQY9RvuNOFZAMSmo-hDT5tHM5M0nEuH17nGXvqwvrc7zjcQCx-N_wM2cjqjbL4AnszRTOywO7AWg9-bOeqfl4H66tbWgZKGqYfK47cA5KEd28KMIj4s6JaBrnAHzv-oqip4UoI6bTDn5fHNbBlsPudh3dmGOgdkEdtQ2T578Kp5n1S7RBns90D5Emvcf0BddnceAAssoQJMpq2D_QkArTp8ofr6SBM_hTHUQWCWDDvNgUWiAvMeKRdmjTyiUFxJfLN0-vMx7XjX-ncskFXrn5UvlpadzKaAw5vFMPDUl5tJZ7OuRNdPV1GNIP4Nb8fJ8ZfW4aT0Fu9RUQM3xfQu_HcR1yVRSQ3iCjijuS_PeEOdjAAxzVIVUiLasi5ysLvraYCQktA2FEkqWYWIQGEXwLTF6HkXZ0YKtUSFkCC1yH42kR-1Hj6eg1VqmoA9J-NMrthR16RRi8SiF734BpxKSuNxdT0Q2tbVfkLZyaFiJilExVkkQjdHo6VTgg_l-uSJwgOTnCX9uHL4kjiMfePuXoXrNuk-BbLxtNYpyR24oOxC85w78CfcvY9jAUQF4JsFXfQG1hL-seP00niQF8nhkRia8XNYapoVJSEfUVA2ZDDgROgfNFXcviMlhut7jjeDJ09kRoO3vbuF8EskqO7NtjLYcXmAn61jlWB570nxLIr62KgS2hCXlLRKAlHOGcAgOfwznRtgxDyViTgdPPfsYJOetqd4eeXPxo4foJ_wmyLmhlxw6AW8sEn4J0n_RGNHTAWpD4d24emj7hQN3knj0G3907qza0CiHCP_WdCxSISTNqt0hWqQAUkNFWwt-ehoNaITLHyrEcz6jn8m4IKV9dEmlHI4X4eXX_QEC9UcFJ93tJPzZSh4Gs_zsElkhJsidD7wam91oRC8d-TFZu7mq-AFe79HsjwDAVmMAUMqtEghR5YxEHg6Q8psrMxwkgljR8WM7SamNhEiqp6WZvBTsM85My2r7P4NlhAcDpoCggDUn5OB9fBOTytYdJGlNEeM1t8btuSmC-Z7_2F_BcbnuB5_dKUeuRzIeOkMH5RxFMRCOVgHnLFfB_aZIN_Mg9al3iLaXzzn5ySbbusjknGr0xIepNQWRn-G0Hnmf3NUAN0FWfdvE0suD40uNlFSVJfab3dr0wkqMJxbicjsL4aLoYrn8vFrkIAq2IsH-rhZsX4tapK9VXYZ4DUtj68SCDEXeXeVKnSaVLfCNVrQaoHbJ9wB7Y2MFJCc9jU2QSCWEzLpC_7A5-X4OH9H8CBiiQP8SklZY2NGy5T5EigkaIS1Ulgo0gt0hBSYgL-ecBTqlxLM_QoG8KCX2AvJ0cCt53FMqn5c8oXQHB5JkGvJil8dLDo9SqAsFenfayYNottU_U9KENg-eNOsp1hPAplwp2HFaUqR69YtKgHTuKoXZ_OV7MMC38YBtuf2n5U2Gv8XgcRIoEgggKbrojxYvHnN97DJz4Kx3YrbqcBGGi1GH1CazmArgloVCt3djqdNk_g1j5W2LCP9RIUx3f0H5Nn0PCAiFGJwqHnd6Azfd74aL3m-vOCqxUQsAPbQeZ4TNdZhaCCzMoaVhiFe6MMj7jiKK0mNMBsN9MyLKJMVLx6pBUAmB5KiEo7I9mJieYOQnRxsv3gbVS__iOlfCuP30p0qiIPs4HJw7-_L_12rOmBMnzUedTbrq6TR4XKrIZy_aPGd_q6YGMi28_lA-c1CAFa9odhunqTr_kD0JD_Y8jPxZg0nVEDWlp7Ze1GHTupftKLA2eaD3TlUMopGs5my3bwetKDKRpMZLp8irmVTH_yQSh5bgTtO1xzf6TN0Jt76drxgUDkuckFdWHW3nTGt0NC_7eJnMf7VEsYLs-WZwx8UWmytVYor62eMAwm3cHRDxW3sZWqVP4xAJ36GFIbxb-bFHaimnzjOLpEdoR-TB7MEDLUKIGTMSvhOXjP-KA_Mt89FYZQggOy-aFJj0PA9besqqo96RD5gfVo__lVpDXn1_sgY7gGwIp0rz7AylbiJFVBIVGOxk_44ldfnWoH_Lr-K79OQQ0WnC-M9es1kmPg3zeBu5I35E7TDluu6xIOknEOHw5C33MPHprPkTX0Y83oD2_QzHwER2AxOCl2Prdt_rqmLTGHLwh5RuzhQpvBk1SlO7qID-tKvdSO84ODBpvlAcKF-VCJfaM7shBJF2eVtpmxLp7rxY_8Pvh38wV-cJpkqeJ2Peru5QBRAPPtcOGxlg-6wIl5o6jU71fiG8Itddfd9Zsr8OySNZj0qkjJnBZAmjSIGLiCU5xL85cghBxTxX4d2mUDx05lrzO63LjbydhwEnRq2IMg3pmW5S9QKewWbhR7uc7bg1eeQsnMazok-7hDYPcT4BsJwoumbugIFvQCNFscNeJUmCdLtv-SWPRCsQTaT1E5ViP8VBpFXH2cxf7l9S6ypkXQHfRJpyX51hHf2G0qV_2U1PdDx9aeMQPs1YnwWByCP4MpJW3RrQWoN1AEemPTy_TFER7MR_kPmi2dGqVlnZBxg41mTtFtLzb3pBvkC4GrrqBpUtXw8DDH_iiwRIMthjiUdTT1MXygjgRBv_lBHtLCr6GQQzZvNvREuxnmQ1NjNPwx-K66pxxOa1Vpu_6_FHTt90jq1TFnnCIM26rZTgZSXp6-lPhnV7VrZASq80BJ0qFYuMrzUgrSYUdUQnKsYDgmdqu8qqjsZunwRdBz3hPJPDbKTqpoNOYFG1IyT5E4Iw0wChPJFCCN6XOXD-CGBxSZufJbSKOkJJsE6F3_pxynsd11BBG-0oJ5T8gX13GX8Wi3kCp0eCldLw-UFRRk5994gsdOT25XNSGlOLAk1uUHYqGJP5p4PYzUUQ3tiZZV1Kch978IrnjeRCF8Y4Fg_1sj5jZSQj9_-QATpZO5SJ3GTUCvLrQlP0hcWfVXHvhHjfQc8Ht06iie46jxxfYXc8laVGpyodGSPYHv&cid=CAQSLgCNIrLMyihRuG9pJNwnhVw3DLWOX8mccQGNJi49fTWq1WTq1g2VdGXjcwdzlMQ&rfl=1%2Chttps%253A%252F%252Fchicadventureit.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:30:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame BE74 25 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:28:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BE74 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 13:57:03 GMT

GET
DATA 200
OK truncated
/ Frame BE74 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 550de642dcede3a7297da417bf13ded8b259e7e1f57325a9fe60468be1a71484

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1

43 B
894 B

15ms
14ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_t_4xgEwAQ&v=APEucNU5Ih6smLQ6RZlkjNFR2gRtRP-AnQumQUSsKxn7uY0NOLn5N6NMiqPMo7mv_gd-vebthx7vP3PjBwXuJs8YN-ucq3aDlX8Mi7H9qGbDb4wljx1topUUzAc5DuZT9ozXUDRaGoipSwMyFbl8j51fTLLDvx1VADm0AMpDyayQ3WBGJnljJbKXM50qn-KRP_Z0Dj_Es5JtWSCFjdLpPJ6kZcx7s47zlw
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 19 Apr 2022 01:49:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7E4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl4VI5B.aeG1ka.OE46rFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2

43 B
894 B

16ms
16ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_t_4xgEwAQ&v=APEucNU5Ih6smLQ6RZlkjNFR2gRtRP-AnQumQUSsKxn7uY0NOLn5N6NMiqPMo7mv_gd-vebthx7vP3PjBwXuJs8YN-ucq3aDlX8Mi7H9qGbDb4wljx1topUUzAc5DuZT9ozXUDRaGoipSwMyFbl8j51fTLLDvx1VADm0AMpDyayQ3WBGJnljJbKXM50qn-KRP_Z0Dj_Es5JtWSCFjdLpPJ6kZcx7s47zlw
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 19 Apr 2022 01:49:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKu7Vys79S737r_U2zR0-bU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C7E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEPEQSviJV7DFufHuxjl2tw&google_cver=1

43 B
1018 B

14ms
13ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEPEQSviJV7DFufHuxjl2tw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_t_4xgEwAQ&v=APEucNU5Ih6smLQ6RZlkjNFR2gRtRP-AnQumQUSsKxn7uY0NOLn5N6NMiqPMo7mv_gd-vebthx7vP3PjBwXuJs8YN-ucq3aDlX8Mi7H9qGbDb4wljx1topUUzAc5DuZT9ozXUDRaGoipSwMyFbl8j51fTLLDvx1VADm0AMpDyayQ3WBGJnljJbKXM50qn-KRP_Z0Dj_Es5JtWSCFjdLpPJ6kZcx7s47zlw

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b965ea46-2874-4169-a9b5-22381dff6197
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEPEQSviJV7DFufHuxjl2tw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

170 B
188 B

54ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e6295253-c147-482e-914e-9633ad3e02b0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0ODYzODc4NzQ1NjI2MDk%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B93E 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 15:41:16 GMT
expires: Tue, 18 Apr 2023 15:41:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame B8EF 169 KB
59 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Origin: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 11:47:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame B8EF 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ch60KrZtIH1TYY2QNntCLySBnKhbxXiJUcqj_zO09ienl-8vgYq5Dt2A4IxqxnCdpq75h4rHv-1vQnP32qLlMN3ZIIUtsYTqoDS5uYVp6JOVoZx_tOYzVA_mBXt5EqqYfgATEhYoh_1OdbIuY-yC1xM61GnQ&dbm_d=AKAmf-CJ07jnQYt378iM8Qy3vLEe1nLQg5Sm2ue5bRZxtYEWszDaVkJEOjYtJoUDNppYQ0-2JEeNmUFb8rUheSaRD2MNHdz4rNrMZRuLE6N5a9LSK1VDZG94rKT8kKbMF6nHhDCbSDv3KWf3U6Bu_sgcjfUjRk1wt-DQz6XNfPz470rxMccMbxzRu5NzJL28T2IByvYQExLf3ZtE0OGIJeeXmhkqc5qJEEoRXVTnM4RK610Q9Kkw-bY7NvLQX0hwpakhmupg2M0LiK0uM48YxfmlV90MCUruWsZMxLa2jdY4dJ2h2hVs-rcsd4Nl6_ANYRt8gZY0Uu4IJiwtgw_4dM3VvVPo5DAVlVa5KdvVigKefopjzWu3vU-ReavhXHws9jYi7HJqoF9sC1QZSCiDUwDJjwIms21b2mUA1rz0_1QnzH4gZk6OR_iZdQOdjCHTUVySvh_VaMsxKYA7keAavTWJaEmZ9cv2W0Ne4WcBahmyz41x6r2lv9o-Xp20Dxfaq6RvnfOAAhmSyHIMDj8lXVBrjjiWc4Rn3Di2FOiq_0i9cT4nwWHjzscaOIJmB8rCP79JYDLU_3ngR034D1qDc3k4wCBMnZeLAH0V8xA1V56IHlWUwaEz8tE9TsUr7U8SZZ-pXZb7FILAwpjjH84Sel7_bTM05uhHERkVPKFpTtxeECzhNMaM5Qi7UxAQ9JRddiKoid1oUIioIuUvE6n8Ex2Nls4nvKwj7XRwKW7asx6P3KBbZXjHbXFNSLfrpuehd7vg-maRsFE4uXrlyNYo8duPNnnGBuAVC8Fghx8q31VZm3CZuF60VmrptwKVlZweub0GgWLQjhdrzSKFv1oZKhuaUssmd6q3JrZP-vbkbwBBHZoEPDo37pytA8aqVXhPlxYMQfjnKf-WfmqgknSzck8MaE5YqybK6Pkq4ycHxuEjRZMI6BSQ1oZTtXwrXyCuzSYAFdIJibXUegcmo9BNXZ8mG20rwub6spcRpJjzJoVDJvLDIuYytSd_qkU8z-I0hFGqFt1XHO3GtNoAXqGGKYHK_UD7ccBCKyHomRpte_yWAUqdb-ZARfKjo6jlji5lFI-VYFLqWldHkokaQnRaSDahVeytjJqxvX6WTx6JCBEZOzZm0bDzThnMuXYTpO0kNTwicDpkmBrr_6Oi5bzZ0ZF75nLTSL1YWEjl2PQ4SyTTp-m-edsHbtVuNKCgmfUap_-kU8cYyL3jtwBvVZozF5cro_IacHGHwYq4-33wQJBx_Dlylry8pwukpEQ9RyQqcsyuuhxdG4fylMe7dyGY5WkP4XbsSFEmLcZIklbDb_exoqiRInb2a6-wWztLCPbg8ljFEMQFY2UHj-6qTku0trUxIVn-ILSEd7JXPPmRXQYP3XnG8xkdl-AlMrkNE52imsPbTeNgwPM3ZfwMv1Rn2IcO8VoiyBv5aOI2pPS93fWV9fCk7x4JKsgYuv0TKXfvuSjQsVS0YCUluN1W4bs30mlI9nB078uYq2_8V21rCxv4hNGpi9WFqsEuCLjLLJE-GHyBaYnXWo5aRDUXyt-v9JbV7Tj5iQTDEnIDJxOchsktRkGfXgF18GPwLdp8yWNXwk9fo8hzB6rbvY6FEhIeNgPU2uysOaC15G-iChjaJMUQqvR8d_8TY9D2QJ9XqKNpx8QJmf2LuebDqtWVqjlEhb6EQkwvAu7jsLOtwy9vGJ0FxqZkhJBTcVLzW4JCArYD37LIABLc4QFOkj8MDGcAyvP75Khf3Lh5o0m-vZXdwxJ5WL8vkZ2sBbp6ufnjAeV4rhnCJpwgSTVI9XAbIa8N1pub7Em4NxVMILLjRJE3cr7R2ryzXbYA2Nm0ecv6SjomDRDWHFu-n2wEaGG1DoEYe0OE5BSXdryYLRTUq6llFYr58MWFPygbL9G7mtnTvTx5pq6cqzfX0sDaEJRHnM1eNOS7PJoi1dPOZXFb9pI2N8bjk8yZSdjBtdligBwEWP96HOgfNelpWmvLoDZfx-EL3706oRRpGHVZ3jp3toClBpXawTgXq0G8rILfyoVhChqKv_j66qVb5ihb6_Zi-CWmCWA0qheVVRikPLYr9c34w1recH8XBrelUTtxM-KuAhhHtyfNO-HaqzDQKHHybvvoIujU7U7SYBGxGjqaLPDNbSwtmRPvsjJp3RkzMNCm8VXY4hjtSA3WOSuFZu6ECKYOtz0O-VgWdZZOrYWCkgaAuXxm3s5t4KQJNupMnmEl3uKXGn4kagCejqn5SRSTO5iZFaW3BeYXpHIvHZF6u_9852u47hUde7YW6locTtW5nYyfNAv4o34hsZxBawZhufSGJRV6VkRXgUpJ4-YcFbEdLgPEkmCgt8DByMJIX8n2MT0fV5dA62PI_v2BXDxKc-LzHG0PyaPgVPVoMQTc4WnWfDaOIQO0Wb29CPkojMOZLAHjORqwXDem_fImiwo3rCBs3pcsjtwCqDihbR_PG1Sc-F72ajYbE7jWVCuOLZzOFo8Q1AkpMdY2ntyAr9Kqgb7VcIQwdvaKbuA8tu-dbbHPCckAsbNSuxTTRBMj0EwDvBIuGLwdnQO79gHMGsFMs-b7tJVAkPBdA-afjVhwlQ8WkQ31OYQOAqp0zToNoTrTYTAwwlvDx6mJDi9UeU5SgEmw2BP-N5bo3kHV7ciGAvMbPPe76QQdvCs2xyBcRT-f-trBYIFWywrVbcZFV4ro4EJ3p8sUXoLCjxBhlw816Vyyo2kYiXTEvrqbocgi5mLS__6KnRWGCGvgEUk84mFRnXxnkZeoaYHzRItoiFNqGCDtGhxrJzl2YC3ldPdLb5fi62lULpZLOaC_n6ii_4red80Mir29x-3D9l3dQESqPoYeYfPZI9DRofqBFZGbzfBo76Yx3DOlEBFOJOLrrujLksCcVK1qLi180nb5VhFqLqrftWOfZ0LJ5VPrBfuQsAyEX1GWxIxbzwFKx-0l-wAQ73no29pSMU-uPXVlRVuSMWe2N2p9BG3zyYbkgyTdXydh0aBcSpEz9VdDal_sJjVL78-bJBAwQ4g759K_kCqwHww1UZIUz6ZgrJ9eO7Zr5xc0RHuHh4iH4ji08w72b4MXYEPs2yBYVuPBM_1Dq3HPLClXDWNNNa0lyB9w7NE3XQkuowimTBVRGPfRa62xIUSsGAhhQ7rRtyr5ATY_kfbneGZQpnOvUb896RTfwwv8SOraU8Cy8BX-mPsWYc7XbQ7GxvVWx02Ko7lFZkXG83FIQmQQ-0W-NwVZ-RduWEvsyG5natQdZg74lu7I0pQ8gebBtEDXQshshR88gkqcn49fpUBlFbH1SmjrCm3PNE7iznxb0tRgWbe3MqmapkXx6mSxiJyi-dLrIAL88fBa6bo_EiayvPtTG7Wt8MlcivCl6hEoGCRbtmeDVGoPeaMN&cid=CAQSPwCNIrLMYWJk9tBkfr7CbOXSaIbKL8szulG_nYgQ28kKtJkyECr_fjcrPlEr5GhUjrkT72I8MOeWme6pNfQ-uBgB&rfl=1%2Chttps%253A%252F%252Fchicadventureit.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:30:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame B8EF 25 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:28:35 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame B93E 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 container.html Show response
d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CD9 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:22 GMT
expires: Wed, 19 Apr 2023 01:49:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B8EF 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Apr 2023 13:57:03 GMT

GET
DATA 200
OK truncated
/ Frame B8EF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af78550ad1c8b98951422daf1c001de2455b33d538cb09c5f6a10238e97b92ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/8865269517622706176/ Frame 8FB2 47 KB
11 KB 97ms
48ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:23 GMT
expires: Wed, 19 Apr 2023 01:49:23 GMT
last-modified: Fri, 23 Jul 2021 06:16:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BE74 0
622 B 160ms
75ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7-4uDharO9Iqbh2e9ExRTUBUTHdj8bIDfyEsM0sTC8sJ6QsxUXnp3T6B008IVMjf79o6-iD36cma6qBspZDN1kOkg3Rg3yoS9UG4tWldp_fTKmViDAoYvf2XrbpkMjol8BywicKofAlttoQhFuJyc03W2dw9dDYiRVHnAAlep2unjMilVugK6jl2R4kyu_N9KL9eYpvNPVh7JMOviaoM-Xpr1nNT63H3I-tALbSjWR2_gNr7juh59HyH0vwFCrtSzkADD2cfgtw4Or5ukcNOp-oZ9rlnfaKohhHJOtDdRA4Kzzlnbdxxz3VU0zq-XMkcGSfwBdi7p_EVLnUqA4VUTrJtMw6BLMHRR9zIyGz0KqUVqjKXbtmZE50fEtt1iU_KWZ-2X7_P4hBALpEg0dr32E-eLrO14JTSFfAv-dUOiBqwvQoY8hEYPn-mG4F7-2qOtPhQJxcpO-DY1xn1H9iY9N386CO3t6y08xwIYDkn3B5bGEI3rE3h0aciScflKTVGbNMbshrnOsnENZGtjpk6e-kERXPJlU-wie_zMXURNujSdcB5STrfvpVdQ8g4AV3HednrE0Ay8C3j4TFXvyPOUXWcLxNsQ6i8c7PChuf2U8bMlAApalshNBS8BvaunQ8O4wL6vESXSgNwMQmEMi7EiyrBaJRmMQgt76Hhty-gsVS3Smo4bmtt0Hbl_1uSyTvLNz07ABPzrbdFNDPDjejE4iA92N94XgIVSlpaR0c4FT6VGawuddzafwic2HLXBUheLaC4GZhpYgy-t5rhk2DWKHa50qevE3-U0-FUtMnZOMOYUjIQWveF-N5j57sGZHKFW7x7vRpOT6xFZjQRiXz_o2F67KDjjETknkwrKQg_zZ0256wTUI2ccaUXEZfyEkaV86y3_uriejOucs1GfSjYTvztf_JbMj32Tj9UdtfnMDAhhjN62Tq_lAEUsbiQkSM9ghWOXnNCt7vRaZJiEotRlfcvOL6dcM_pPU5WpIj1-gvX8EF5KXNRZJkMGjf5Fr3rAkqht2yIDwc_dzmgWolWmXRm0dgEFyvmqzeDsMmVRSkkG2MlM5vknqGyAC3FfmrnmUfZY16qIRTP3GR_cIkq2CjDVHl0AlJzXb5sSrOsISjV40xug4Wgvprd7jdlYyNVf4a-0o0CBduFLgTHhuMp8Q4k7ywj6U1FcoscN3MAePBWj16bz9KXGSD_8U7iGhgef_wVkcPYXpXUZonXH8T29kDz8R0NBq0_Cqie5QzNfX_3PtTUEYyU&sai=AMfl-YRAk7IYH1zATnxMPxz4ZkKnLDWtyFfJkNQvJZkVwtCMJSni5j-EiNZnKvVTpDz1x5zy3d14ZdAQzZqgiWSUAUaEx_lwkFGEVyCqX-8c93tXhonWB2aOfIFHwFlkFVHFfM2ZTDXDKD9BOrApTr855TGoKo7tl91s0U6qMGA9qSBTr29qhL1z-ATw84-0mYH2gr2YXbBWUt497TGcNX3TXSUdcNXaitmBKNoBoCif&sig=Cg0ArKJSzCVXhq6fR897EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&cbvp=1&cstd=253&cisv=r20220413.73122&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 19 Apr 2022 01:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 css
fonts.googleapis.com/ Frame 8CD9 2 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 00:50:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Apr 2022 01:49:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8CD9 2 KB
904 B 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:46:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8CD9 0
0 75ms
74ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CctHRIxVeYvTMFsyk9u8P-YGowAqmvsmCacGdtv7jD66Z-aPQLxABIKqAwyJgleKQgqAHoAH2wJ3NA8gBCakC_EuCu_h0gz7gAgCoAwHIA8sEqgT0AU_QyECXt4nxPXUjTTHYFsKza_lvPa50-v_rH1tyOwvhoup-nmIlet7EHQOxnw4h2TMgl333dlK7VzYdwiiQpPkKHcv38fHb4pKOH9o1ZPDhRIZOxYxLE4m2gnp7eNXneOh-0QqCIdyDEIhFKn68TFPrz4irhp-uvbAJfuslr5-6X0zi_ZSBtTw3l5RylJQkAP0GKBpOS7lnaY8I-57w7guFBBJf2t9uWVoegsQM_tFQasWwfwynjN0BtgLzLEqJfmt0VK1XUydq1fdvkniPCnCcoEM5ZuyLwmGqIA3YDFO4Z26iHWCO7NPLhw6YgcoiQjYGtzLABIe2tef9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfyvuIyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOb0EtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=Cr8Wi5Dg6rA&uach_m=[UACH]&template_id=494
Requested by: Host: chicadventureit.com
URL: https://chicadventureit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 8CD9 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 00:41:55 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8CD9 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:33:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8CD9 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 May 2022 01:34:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8CD9 0
0 47ms
46ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuUBTKdvb6AVxUwe7Ll2ZgHM46uGPsZjrtrljKVZ0YBs9clgxrcSAy07kW-7s6Qaxv1bzU41VksNqeSgJ2ceY1vQ03Vw
Requested by: Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CD9 119 KB
36 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 8CD9 29 KB
12 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 616B 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 15:41:16 GMT
expires: Tue, 18 Apr 2023 15:41:16 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8CD9 54 KB
54 KB 135ms
39ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQHDZxyV0iJWyBSJYa0VVsUUfY3TF_5dN8E5rM4WZ7HzUiRsW5RYnmFjyTCLZY&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec28487dc8a02b847ba2bad3a91f6649cd51f05b4a2c94a5ace1c82bd03783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 09:34:50 GMT
x-content-type-options: nosniff
age: 576873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55022
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 02:24:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 09:34:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8CD9 73 KB
74 KB 194ms
100ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT-AQzCT8LjpR4-DOz78kPkpe5Kep2u2bXYGOQXMbekz_xcfRevEu6Nd7Bgj9o&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f971c4b3ce911e4873c6ae21bba058de83920e3b7f01931fa8adec35851b7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:01:05 GMT
x-content-type-options: nosniff
age: 74898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75251
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 01:52:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Apr 2023 05:01:05 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8CD9 52 KB
52 KB 176ms
50ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTe3P371Gbh8mqh4_zUgJ9yZVE101wBkVabAnzHOVhns7F7cKTjwyfSkvMWWhw&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7887e843a8f7d38184a82f23fb6f27468ce5bd5bda325a361b07e6fa4cc2fd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 06:19:09 GMT
x-content-type-options: nosniff
age: 502214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53307
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 02:08:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Apr 2023 06:19:09 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8CD9 19 KB
19 KB 230ms
104ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR2zLJuhrRUJDaoz2JVEyXJOzFovjy2mKfQomLamJLEetbwwQZFwXwDZe_2B_s&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d7daa254fbbffef8df7db2f116eaae08665fe39a9b7abf67d1ff40c7c51c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:25:52 GMT
x-content-type-options: nosniff
age: 55411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19103
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 02:18:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Apr 2023 10:25:52 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8CD9 59 KB
59 KB 245ms
120ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTckkOHP8gitBkE1yzbPw0npYLZKv-_AqxIWjlZnxJe-zkmnqt9iWWKFMa0jQ&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922ffedc876cf6e2db0d89fdf51728c546192ae8e88770725d22490f0dfca6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:14:53 GMT
x-content-type-options: nosniff
age: 372870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60393
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 02:56:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Apr 2023 18:14:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8CD9 51 KB
52 KB 225ms
132ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRj4E7RniZOY4hJu2o_uirRPJs5HKL1Ix9jHQerCztrCYK-pN7Asn9A7mIzeqs&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7beb78bcb94a9a1901f3fa7d76eac6356358090db765c3f625b7988676da52da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 14:12:51 GMT
x-content-type-options: nosniff
age: 300992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52666
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:40:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Apr 2023 14:12:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8CD9 12 KB
13 KB 174ms
49ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQwhv_AwLl5SE_Z345TUmsUU_omNARF1iiTxaodcnVWRJ70n-o&usqp=CAI

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb994ec54ba67aa328ce7afaea82b9c01727e1f0ddaaa74a1bcc837a642cb050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 14:38:43 GMT
x-content-type-options: nosniff
age: 126640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12461
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:04:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 17 Apr 2023 14:38:43 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5512685817669012872/ Frame 77A0 12 KB
2 KB 48ms
48ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace3d9d94d8a1bda7b480f2478c3b52cc40c51f904e21393f2da87bd08fb8755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1868
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 01:49:23 GMT
expires: Wed, 19 Apr 2023 01:49:23 GMT
last-modified: Tue, 15 Feb 2022 16:17:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8EF 0
64 B 95ms
76ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnJQetu8hpPQ9i5zC3Xk6UBk2I08om6XeTEEAVIGgHm1zU3ay3j4KUVR6DQWNLB2mKeg8bKQsFMCaAxcWE5GQSb2Swd9AJRlwg-LnU_OQRHcqVGFiEsJ-hL8WsungMsPmN2G-j_yfjuQ5JEOZ2FlaCfO0uL-OBgx251IIRPvBCTe3ph9i_DHLWQfTehOc2eJptqw-3qqN4hx3cJm--9k1iH2YANg0D9VzxjUIxaI5c0FVBCMQ0aO4lr7yancW3V7qAIxocQpmVh9JMOsy5BydTlpsB--4vYhqfyxIUlfOG3-LOnhtpfdZm6_ISszIjF13Ae1y8OilT4IyrVQwGrwvxWkRCMOp3vLmqKmOP3PQQcgZMlsAk5RpEIB_M21byBZOPkr_Cm5nxcU6gGlv8IHl_hkQco-Bv13vd4tv-oc4_j0ji3MJw7PWLoxpjyWAK5Sq-pads3mRt7K7nY2K9oPQXyRfEh1mQ9MhFI1ZOzd6F_BOp6Vh8fmN-9G4KQkbcnLAocwLl0H_gk5uEV9Z4ZvuV9pxaPgfguinkJza5Pp2Qt5qYzRqgkBBnvQ48CYsqSWkesoRc3ofxFWZTRt5we0zf7VAnyaOs6ksXFqF9H2pOCYlFUqX5d3K5sHjScwPii-XywtkpzNA4KwXjcscsLiFv0A6QkjnFympae4XDIw_GnblRby9KytvyxT1SNkA321gkm9Yz_M0C6mJ-ZamMNuEoenW8J1eqs3saLI6Q-J-InazkGMtcDn5KDd7y3TPIgicyfLSB8K3UqS5SVCXICTi1Ow0zVBJyYD3k6XQm5c48PtHlkgJw4MPCYZ0zmOiKUdKOzy0cmvCsk_GeYakCoyAmxPOGdYTUlcdD2S9KOe_XmGOGx4PR5TUB8f73wBtEEE1VLhNf44ilScFIZczGQzArv2WTbZ-1F6Axn9mX-PqxVj1aANbaouY_yuRwJxvITLBzzItWC03rWntS7itayqU788FkU8r67hYZcHqt5XU0nKCQah-54x05vL7RLY9dEn37pj5c9J7kthvnNjZ9BdILrGSJh6WnXjxGSwO_D3xONj-hH8eXLvk1iC4J2aEbPxh8mrlmpM5RjIJ8Vwb5IIMzaWxe0VBJ4XL4spxZtu2ovU5rxFhGoLZAN45A6CWeBU-Hc6iEnQzLtcB7Q8G5yodaqP_dIuZi27zjVo1M88i1ylKs4WfpBo8gNwv-ejchc7uc8yDOgRM2kaIEANaw9GdbFG9UjT_1RQ5K2ftmbHxBkVVJ4ci2USKYDDTkiP5XygrQTs1RcQA6&sai=AMfl-YRCVIfoY_gqBQ3WoPvp5Dn9rwXaniKTiepx9XQh5HjJuEU9NDjvLeUynPLsZKtbfx3jTl2SI9-yPexnheWiWebgbdxE4IqflM74Bqs8HVvcuCacF_5iFA7daG_iHmsedrG-OX1W5JTE8tkfZLC-BZGZAv3gMbNMXklbIrBUiD07G-AVEuTazKzF7cUcROgqsrpixwqRIKQ8_UsD7fhoXDW9oZ7NSWW9ja6HVsByAn_eSVWkAbAtc9zSYy28m8ZZw6XSQ4ophxObAQ&sig=Cg0ArKJSzIsl1iveOzVVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&cbvp=1&cstd=154&cisv=r20220413.88631&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 19 Apr 2022 01:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 10CF 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 19 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8CD9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 904550770bf9057548d24e181910f883633ee30be05990d55380248a8d267826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 8FB2 116 KB
39 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 11:23:14 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8FB2 60 KB
24 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H3 200 1643485919913.css
s0.2mdn.net/sadbundle/5512685817669012872/ Frame 77A0 8 KB
2 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d4336de63562999bff015e913cf1febe4aacc3785c96a0ee94bf613acce7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2083
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 16:17:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Apr 2023 05:12:28 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 77A0 118 KB
40 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 20:04:01 GMT

GET
H3 200 1643485919913.js Show response
s0.2mdn.net/sadbundle/5512685817669012872/ Frame 77A0 32 KB
11 KB 60ms
60ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 16:17:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Apr 2023 05:12:28 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 616B 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPo29dv-ay6wcNFgN8_xPzk&google_cver=1&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUq...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUqw1SChQC63u8

170 B
188 B

38ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUqw1SChQC63u8

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 19 Apr 2022 01:49:24 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLLmD8sQl_q4w2bCy28pExsumn8PhchCOlvhqFgXTkLVI1SzZHvik6BQNf57rZG2xcLEWxwCZTN-91MpUUqw1SChQC63u8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 19 Apr 2022 01:49:23 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 10CF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjU...

43 B
412 B

182ms
173ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6fe1fbc1ff1f5caa-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 253
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6fe1fbc08dce5caa-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEP_GpWX4Q7gMeGSabol3Ug&google_cver=1&google_push=AYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILnyYTii2Pb_NzcxO1Rqe4KZqJRpZ1R3Ztz9QaQnnfp681Po6uHchTDg7pHrXptdgOzOpcXq37lbbzA-piWYbAgUG3sjUM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHbnhaynV3vfbevGjJ-0eI8&google_push=AYg5qPI2AkrnyqfdweNC29SgRaOTmTatReon8GKVytyHL_oamkIPYAvyMu...

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHbnhaynV3vfbevGjJ-0eI8&google_push=AYg5qPI2AkrnyqfdweNC29SgRaOTmTatReon8GKVytyHL_oamkIPYAvyMujhnEmgx_TlVI-55lAkoh1XeACkfR2qoLOnSxxTcKGh

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1650332964.926093,VS0,VE93
x-served-by: cache-hhn4062-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHbnhaynV3vfbevGjJ-0eI8&google_push=AYg5qPI2AkrnyqfdweNC29SgRaOTmTatReon8GKVytyHL_oamkIPYAvyMujhnEmgx_TlVI-55lAkoh1XeACkfR2qoLOnSxxTcKGh
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEE9deTj3D9mN_lb3BpEExEk&google_cver=1&google_push=AYg5qPJLK5KTO4J44G0Ns_wfuI8kfJSp8I7iGk12qDckdUHnV3KOMxTdSb6aLIPHzfSLcMGyHwQZcqZyejUox5CFV2uRXUbOoBpA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUNEMDczNkVBNEFFODk5Nw==

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUNEMDczNkVBNEFFODk5Nw==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUNEMDczNkVBNEFFODk5Nw==
date: Tue, 19 Apr 2022 01:49:24 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOKYH_D79q7TYR2orXkDdDc&google_cver=1&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm8ccA&google_hm=ODc3MDAwMTMxMTM2MDk0MzA...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm8ccA&google_hm=ODc3MDAwMTMxMTM2MDk0MzAxMg%3D%3D

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Apr 2022 01:49:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJotM_WxQQqXgYv5VuA0N3XsnlV2ci5yZuU9vCnEw7a-rqtO9cL_lFq36WU9hXfo-_uGV_TgZ5P_IpV7ySK-bJImSm8ccA&google_hm=ODc3MDAwMTMxMTM2MDk0MzAxMg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ9UEU4dZItoIHZdDxKcrWk&google_cver=1&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdI...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ9UEU4dZItoIHZdDxKcrWk&google_cver=1&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdI...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UbXRmRTFGRTJ1RTJxTkFYX3dVWjEuY1JMVlZOUjVyLn5B&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDh...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UbXRmRTFGRTJ1RTJxTkFYX3dVWjEuY1JMVlZOUjVyLn5B&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdIqjm4HWLq1dUt2dAVGs_pU3kjBE

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UbXRmRTFGRTJ1RTJxTkFYX3dVWjEuY1JMVlZOUjVyLn5B&google_push=AYg5qPKwS9CpSpxAanEpfr0iA97LVb_HGhAQaNzrn6KeqWoTdk1oz3gDhsQk-UMCKeqhgVsUdIqjm4HWLq1dUt2dAVGs_pU3kjBE
date: Tue, 19 Apr 2022 01:49:23 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10CF
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECWaxDRuJ3cSPpyUWkDMI_g&google_cver=1&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWX...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWXuQETO&google_hm=OTA0ODI0NDM...

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWXuQETO&google_hm=OTA0ODI0NDMwODMzNjM0MDM0NA==

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLzifbm7qqYPa-YtGswjyM-2NaLJdJMaLLwrUNNH0I17gMTXm3rpmeaLVX0UwwblaY9kS4-KEyLPucmkPGCdKyEDWXuQETO&google_hm=OTA0ODI0NDMwODMzNjM0MDM0NA==
Date: Tue, 19 Apr 2022 01:49:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 10CF 0
12 B 37ms
37ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPMMaPkz_gHiH1DkXBKq3IFmNPZV2YPH8YWuVhxyV12fmsH-f-svYk9uEf1wJTbYuzwCi57Vc

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B93E 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgf7bIxVeYvKPFrnH7_UP2N-2gAkAAAAAOAHgBAI&bg=!pqWlpeHNAAZvJBiFTyQ7ACkAdvg8WuzE7SmsGIZ-GM3CORIDwr3WuEAtAMfEAh6a2oN-uERS7HCIaAIAAACpUgAAAAJoAQeZAvLTpb40gMuvny8-jOB_ZFZgaQXB4m3ZjeH7ww_cvj4SUCnUXh8eZgL2Ex2dlobZNeCEnv0SjjNxr8bp0tzghm9felEjSSuO5eW-64L65U6DjQp4O6bCzlbNM_r0gAFV71tnTBVRBzhVk2HsByktsMt7KmX9iJrXNfv4LYdBVgK3DxmDoCXLumbmswP09xJkmdgDtfeXjnZ7RbbYBDXzE9yCN9CvX6QhxNwGD7MywandlRkgeZmKpqcTyZIXsVNwJc2NNLyFHGdICLSr1cM0bmThc9CDTXxID3zO0tMlMoyhdXyr6lX1nQlEXRl3-C1XdqB5HtJ21gj3RzMRfj-E63Qa_aH582lWKArRmSk4UYudLj7_rvQDC0kV4iwJFufgpTGmCkzhxnLhCpy-q15UMYPRCjU-bD0WU0e-HcIGktkDWx1RFNpQ_W9ZRjlf3StO5NJNL6DP902SZEFUK--NDko84Qty_2w9n6L0e0KjLZ2oZmgbVyOKOnMkiMLNoJJxqkzdfB9R4fkFLJ0104XeftBDl69L8NXqSU4uC9CZEaTsPuwWcj8lhOlsPeSoW478-oqt7DWuqKv_JfCFS-37r2JQY3mOygzb_4mrgUuMISBkqkA16lnZRwYfCV8uEp9Q53bF18L06yoR8dzyVkE7_DOz-dYhMp2lpUYZ_tqp8BcLyoQ0T3_C0ol1vynY49i_ar1TFVlV2bgQRnY1TNHF7Laab-HPEJkMKPr2zUNM1MXYbRCXktOlW5-0lGpockRck-Xz50HO4zRRTwzpnDgdTSzjqC_USyXMjb_YvtvRYpcD93cZ2HQKpOeojBwyeLia7yd_l-X2ZpN4ZC10X-x7qPVC1-gv3kzYFkq8v3CCWiCgs1FaGquXncJ-jK04Cxi8pj-xmoovgAlWnI14rYFbGK4B9ePxoyGN_k6lIzWtf9FABxneovC6p25hVaeOV4EevSrAGFCk_DuQwl0OWiwhPA2lvSS9EQv_CvL79Pzqj9hS0_UZ

Requested by

Host: d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
URL: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 8CD9 20 KB
21 KB 146ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:52:30 GMT
x-content-type-options: nosniff
age: 345414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:52:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8FB2 7 KB
5 KB 130ms
49ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7c1c9b5d38f7ef0c6e9f0a1c1a946e563c33bd33176c93fe23ff7b5da66ed45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5514
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/5512685817669012872/ Frame 77A0 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5512685817669012872/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:12:03 GMT
x-content-type-options: nosniff
age: 419841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1954
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 16:17:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Apr 2023 05:12:03 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BE74 0
26 B 136ms
70ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7-4uDharO9Iqbh2e9ExRTUBUTHdj8bIDfyEsM0sTC8sJ6QsxUXnp3T6B008IVMjf79o6-iD36cma6qBspZDN1kOkg3Rg3yoS9UG4tWldp_fTKmViDAoYvf2XrbpkMjol8BywicKofAlttoQhFuJyc03W2dw9dDYiRVHnAAlep2unjMilVugK6jl2R4kyu_N9KL9eYpvNPVh7JMOviaoM-Xpr1nNT63H3I-tALbSjWR2_gNr7juh59HyH0vwFCrtSzkADD2cfgtw4Or5ukcNOp-oZ9rlnfaKohhHJOtDdRA4Kzzlnbdxxz3VU0zq-XMkcGSfwBdi7p_EVLnUqA4VUTrJtMw6BLMHRR9zIyGz0KqUVqjKXbtmZE50fEtt1iU_KWZ-2X7_P4hBALpEg0dr32E-eLrO14JTSFfAv-dUOiBqwvQoY8hEYPn-mG4F7-2qOtPhQJxcpO-DY1xn1H9iY9N386CO3t6y08xwIYDkn3B5bGEI3rE3h0aciScflKTVGbNMbshrnOsnENZGtjpk6e-kERXPJlU-wie_zMXURNujSdcB5STrfvpVdQ8g4AV3HednrE0Ay8C3j4TFXvyPOUXWcLxNsQ6i8c7PChuf2U8bMlAApalshNBS8BvaunQ8O4wL6vESXSgNwMQmEMi7EiyrBaJRmMQgt76Hhty-gsVS3Smo4bmtt0Hbl_1uSyTvLNz07ABPzrbdFNDPDjejE4iA92N94XgIVSlpaR0c4FT6VGawuddzafwic2HLXBUheLaC4GZhpYgy-t5rhk2DWKHa50qevE3-U0-FUtMnZOMOYUjIQWveF-N5j57sGZHKFW7x7vRpOT6xFZjQRiXz_o2F67KDjjETknkwrKQg_zZ0256wTUI2ccaUXEZfyEkaV86y3_uriejOucs1GfSjYTvztf_JbMj32Tj9UdtfnMDAhhjN62Tq_lAEUsbiQkSM9ghWOXnNCt7vRaZJiEotRlfcvOL6dcM_pPU5WpIj1-gvX8EF5KXNRZJkMGjf5Fr3rAkqht2yIDwc_dzmgWolWmXRm0dgEFyvmqzeDsMmVRSkkG2MlM5vknqGyAC3FfmrnmUfZY16qIRTP3GR_cIkq2CjDVHl0AlJzXb5sSrOsISjV40xug4Wgvprd7jdlYyNVf4a-0o0CBduFLgTHhuMp8Q4k7ywj6U1FcoscN3MAePBWj16bz9KXGSD_8U7iGhgef_wVkcPYXpXUZonXH8T29kDz8R0NBq0_Cqie5QzNfX_3PtTUEYyU&sai=AMfl-YRAk7IYH1zATnxMPxz4ZkKnLDWtyFfJkNQvJZkVwtCMJSni5j-EiNZnKvVTpDz1x5zy3d14ZdAQzZqgiWSUAUaEx_lwkFGEVyCqX-8c93tXhonWB2aOfIFHwFlkFVHFfM2ZTDXDKD9BOrApTr855TGoKo7tl91s0U6qMGA9qSBTr29qhL1z-ATw84-0mYH2gr2YXbBWUt497TGcNX3TXSUdcNXaitmBKNoBoCif&sig=Cg0ArKJSzCVXhq6fR897EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=518&vt=11&dtpt=261&dett=3&cstd=253&cisv=r20220413.73122&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=966469139129077&bg=!zc6lzorNAAZvJBiFTyQ7ACkAdvg8WlU3kaoN261p2qQ1sOw6SX0O6uT255o0RWdbrR7YXm6XZvt8oAIAAABOUgAAAAJoAQcKALo7aBu3cK6QL2I4f7LydSGFFUyXGWszdPF8J71Dt2Cr311wTE9ZgALYAtqhl75gIuQW8m2BBZjWe11cY7E7SuIXrsquwt0WBFXIvvU_LpOtaVvaroaDIG3w_c1xxN8_AwaaaclY7KONoPycKmQoJ3AJZzED06hhf7zXhZi7LrlDkO_g-R-ETKHGYOcFwMiCkxYdoNZHMZ67opB1CwZ3jQcfKhmm33JtPFcC5vfcukTPfm2InuWUJjWYuvSZAqiV5cAyxkjvO4uGpFYLhlgi8jVcgD7KbC6og0jSCJW8nF-cAIxSWZW4YjvoVl_801lQJLHdAKS_a1j8u2nj7pF1gyIoHyp2P0d5VdsjasLXb-l0w19Rrfui7vZkg5q6qllH8hS2VFJrsHrvUwc7z2oZjTdjMXDsrb1QOy0xtKK_Yu0B38XsQq3hAvK7NRp5MltC1GVPXh8XsV5saZRuZfV9cN17rmC7NxE-3Wt3ZDQIt5r2LvktsRcAeApOM9whavovmjR73KdXfktG3Qaes0O7A5PHilriI772ZWq6nlezVs5lBez04Ey2GiZimmFLOHGhY_giKE7pHqDrESDPwjhRviBHJ29J6jS7lBHGyXGdPw_tArhCyAP4CDjLuges3aR6gSyazSAfp1kVeK1uv8UNuEZxYw9oIAsnMntVcRSgdSPm45G81On-3wir6tUQOWCB7CG2y1Hz8GBVqVsjxZzPqxYzRliBTYZItgTRxBV70qL3CUKzmC8zJ7tjZdAmdEm8mUs5-GyDGftpubb4LCrSNNvCWKvyx1HD85mqSymn6fkUw_hUlW6OBpJvpTTCZbI-b_lwKzVdoDuLEPMXvXyWDmTpyjwakXqSICrOjsMBYd8B2w5GY91ewBaIYVTmlEiG6eRrS-F6uWyUOImoVDwaiwp57BV02uTx2nM4bs1G8km5g6iwxyXEYpLEgbJoR2OHrvgBvmr-n2RGVj6zVq1t-NpKiDQAubKx7vUXOdCptTQVm_b2gcwfD_8-0PIYmvGts7dv11w-R45PJ_tQ4Kn4BKGR65R_NtxJwLvNzjoilBReeWPE7RIaG3rPHwvl-KWGGPtrjtfONxsMG2_SwWEpwLuq--dpr3gkozNG-vG3mOjEeM0FI5PsL1AFkNK-uPcI1mkNpnOWTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8FB2 47 KB
47 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:45:35 GMT
x-content-type-options: nosniff
age: 229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 02:00:35 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8FB2 47 KB
47 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:38:54 GMT
x-content-type-options: nosniff
age: 630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 01:53:54 GMT

GET
H3 200 60005582_20220110062031600_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8FB2 28 KB
28 KB 41ms
40ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062031600_728x090_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:39:31 GMT
x-content-type-options: nosniff
age: 18593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28836
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 14:20:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 20:39:31 GMT

GET
H3 200 60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8FB2 26 KB
26 KB 58ms
57ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=KTfnxRYGHR&t=1&renderingType=2&ev=01_248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:56:11 GMT
x-content-type-options: nosniff
age: 28393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26568
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 06:54:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 17:56:11 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 8FB2 43 B
551 B 38ms
9ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 19 Apr 2022 01:49:24 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B8EF 0
26 B 90ms
68ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnJQetu8hpPQ9i5zC3Xk6UBk2I08om6XeTEEAVIGgHm1zU3ay3j4KUVR6DQWNLB2mKeg8bKQsFMCaAxcWE5GQSb2Swd9AJRlwg-LnU_OQRHcqVGFiEsJ-hL8WsungMsPmN2G-j_yfjuQ5JEOZ2FlaCfO0uL-OBgx251IIRPvBCTe3ph9i_DHLWQfTehOc2eJptqw-3qqN4hx3cJm--9k1iH2YANg0D9VzxjUIxaI5c0FVBCMQ0aO4lr7yancW3V7qAIxocQpmVh9JMOsy5BydTlpsB--4vYhqfyxIUlfOG3-LOnhtpfdZm6_ISszIjF13Ae1y8OilT4IyrVQwGrwvxWkRCMOp3vLmqKmOP3PQQcgZMlsAk5RpEIB_M21byBZOPkr_Cm5nxcU6gGlv8IHl_hkQco-Bv13vd4tv-oc4_j0ji3MJw7PWLoxpjyWAK5Sq-pads3mRt7K7nY2K9oPQXyRfEh1mQ9MhFI1ZOzd6F_BOp6Vh8fmN-9G4KQkbcnLAocwLl0H_gk5uEV9Z4ZvuV9pxaPgfguinkJza5Pp2Qt5qYzRqgkBBnvQ48CYsqSWkesoRc3ofxFWZTRt5we0zf7VAnyaOs6ksXFqF9H2pOCYlFUqX5d3K5sHjScwPii-XywtkpzNA4KwXjcscsLiFv0A6QkjnFympae4XDIw_GnblRby9KytvyxT1SNkA321gkm9Yz_M0C6mJ-ZamMNuEoenW8J1eqs3saLI6Q-J-InazkGMtcDn5KDd7y3TPIgicyfLSB8K3UqS5SVCXICTi1Ow0zVBJyYD3k6XQm5c48PtHlkgJw4MPCYZ0zmOiKUdKOzy0cmvCsk_GeYakCoyAmxPOGdYTUlcdD2S9KOe_XmGOGx4PR5TUB8f73wBtEEE1VLhNf44ilScFIZczGQzArv2WTbZ-1F6Axn9mX-PqxVj1aANbaouY_yuRwJxvITLBzzItWC03rWntS7itayqU788FkU8r67hYZcHqt5XU0nKCQah-54x05vL7RLY9dEn37pj5c9J7kthvnNjZ9BdILrGSJh6WnXjxGSwO_D3xONj-hH8eXLvk1iC4J2aEbPxh8mrlmpM5RjIJ8Vwb5IIMzaWxe0VBJ4XL4spxZtu2ovU5rxFhGoLZAN45A6CWeBU-Hc6iEnQzLtcB7Q8G5yodaqP_dIuZi27zjVo1M88i1ylKs4WfpBo8gNwv-ejchc7uc8yDOgRM2kaIEANaw9GdbFG9UjT_1RQ5K2ftmbHxBkVVJ4ci2USKYDDTkiP5XygrQTs1RcQA6&sai=AMfl-YRCVIfoY_gqBQ3WoPvp5Dn9rwXaniKTiepx9XQh5HjJuEU9NDjvLeUynPLsZKtbfx3jTl2SI9-yPexnheWiWebgbdxE4IqflM74Bqs8HVvcuCacF_5iFA7daG_iHmsedrG-OX1W5JTE8tkfZLC-BZGZAv3gMbNMXklbIrBUiD07G-AVEuTazKzF7cUcROgqsrpixwqRIKQ8_UsD7fhoXDW9oZ7NSWW9ja6HVsByAn_eSVWkAbAtc9zSYy28m8ZZw6XSQ4ophxObAQ&sig=Cg0ArKJSzIsl1iveOzVVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=248&dett=3&cstd=154&cisv=r20220413.88631&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 77A0 13 KB
5 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 09:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:37:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 77A0 7 KB
5 KB 50ms
50ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca182481118598129203fd54a4b4a36f0c8e0c088f34c7890a4bedc6c9d47ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Apr 2022 01:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5603
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FB2 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:24 GMT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame AD16 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: chicadventureit.com
URL: https://chicadventureit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 22:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 22:25:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 616B 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjDCtIxVeYpS2IITH7_UP48WbyA0AAAAAOAHgBAI&bg=!qaqlqu7NAAZvJBiFTyQ7ACkAdvg8WuYR6GmDDqV9VaxPQ_zPHlX4rVtoYF6dlQ6ufIVeq-UZDsQ6QAIAAADqUgAAAAJoAQeZAvzb6Fm030y87TVR27y2gO_nnURVZffGTxXC2oe4q9wE7EWT_uLgID6y1vVIccUX4Urz8AKZ6oYTn_HRqRJzLExKvEdYGQRzGn5q_3RqVcJa4e-OF9zWa9EeoNvqfzVw_RHMNc8NDbdvFzgp_hnoiL491xEHJm_3w_2zVag2zKrFRNjTSZMDuMuEIY8hzW2fatGclmRJNL1IQjN9zDG2W02uD-Q3qJhgD09LJJzGH4O2P7MBxdDNKUgf2b4m-KlRgGPNk7urmWKQPJHHOqPvd8A0oWwNfDz9n13vXRwaF7Uwzvr8-aOlD1HjhEvQ4IY0GcJ0r49PjZpfiPEmiUWG11Avu_JLotgqL7Rp4iE5PnSGdiuLkNJDD_aueUKCIzBV4J-QRsC0XVjzXl_NMtkj9dY9_zHUtiW94jRHRHfnIUY1Z6UBfgGDIdWNJXONopFwfZ8v9rfJdEJ_8-KJaBi2t0MqNoyOpdNuAVdXflqF-yxjaGDhZY4aeV7B1YpsKaYRZOceya8Qg6XHwkGnEGY3J_eMRFLAKj56g4a2bb3wsAXiuqq1Ldi1bGxYru9tgyfTmJKkhWpuFGzluhE5S9IZPuGY9OLnjeAt4Jf0jcMeGnG0Ff8THkF9jksDeBxlb419KSJqbbwcvmLrSaEJ5NBMTN29LF_o76xFcbyQlMlSafkMIVejMJk35gIX8tF_qrm7a2AX_fbNA3aEs2ZXl8FdgSiqN61R6GLvWNbTH6dcEJI1IxArsQwVZF_pRWRLk1vlQbmmEdz5fZLgZb83z3pxqEnrBHlF1AP8mo_-qDdE5iTyK6MEuyoH62uvKB_ROmxDvJhVSZP6IZgRRy_UrZdpGCAw8dlW-FFaLe_fy1w_F669dbLVPZR1QvldLvqDpyBcew7w8acqXjbnx1hyTrvwkV8qR38LyoJ19reVnKMKhfaw2HMkpzXlgxtlfDmjdkfXHpff2St0kPsx0PvGOHIbGod1bMAVzJlMz8Gq6MwkcX0lWaCWTTfkUTgvmqHaqA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 77A0 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Apr 2022 01:49:24 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame D33A 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E25 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 77A0 98 KB
98 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:41:15 GMT
x-content-type-options: nosniff
age: 489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 01:56:15 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 77A0 57 KB
57 KB 44ms
43ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 01:40:06 GMT
x-content-type-options: nosniff
age: 558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 01:55:06 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 77A0 35 KB
35 KB 40ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 13:19:01 GMT
x-content-type-options: nosniff
age: 45023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 13:19:01 GMT

GET
H3 200 m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame 77A0 157 B
188 B 43ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:00:16 GMT
x-content-type-options: nosniff
age: 35348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 13:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 16:00:16 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 77A0 35 KB
35 KB 39ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5512685817669012872/1643485919913.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5512685817669012872/index.html?e=69&leftOffset=0&topOffset=0&c=HxBsa63vl0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 13:19:01 GMT
x-content-type-options: nosniff
age: 45023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Apr 2022 13:19:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE74 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbKVmf40i4zGXuWGurE2HVR0s54YmbitJRKqazqL-l3F2MfKYxHHXIQnDMYwGQra07tTvPsQzcJAEJxBWJzrPARC6Zp5vMiGrBPM5tWGIBTr4p3m0ErQ&sai=AMfl-YQae4AC79mvsMzLDgBQ1bFIt34w4dRL7Sx01eK14AY-m3RqPoHlhpCpa8dFgBwuPGPTTuNK1sSlLBr2U7QdditBr_eJuNNfRe3L7laPyA&sig=Cg0ArKJSzGLzNOMP781HEAE&cid=CAQSLgCNIrLMyihRuG9pJNwnhVw3DLWOX8mccQGNJi49fTWq1WTq1g2VdGXjcwdzlMQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3059254518&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650332963156&rpt=390&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CD9 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCR7a5rBzru7xPGeqEdH_d7QQguc2NeV8AAiCkwKs_h9Sq-RJ9WETEj0uCfq4q11_NxqK80pai4TMCYqujvFlZufEbqOgiczeh41UmHVUurFoBAVMy2g&sai=AMfl-YTOCYDt0cUEbTLa4ADmzstS-F4XSf2Ooi70twMAuD6EMM6XBvGgf1r8xUmYwJNDEycKc_TzqOC_sDR9rxcnzdnmBxLA54fAsZzSPYWA3sGifBigbWVmKF0B1EN_&sig=Cg0ArKJSzK7vz9eyQfl8EAE&cid=CAASF-Ro0HSO7-53oJMJB_lc4jbTd6GR_IJJ&id=lidar2&mcvt=1000&p=205,315,505,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=669713117&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650332963677&rpt=457&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
17ms Preflight
application/json 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchicadventureit.com%2F&domain=chicadventureit.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://chicadventureit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 19 Apr 2022 01:49:25 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1932
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fchicadventureit.com%2F&domain=chicadventureit.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=YukVqnxuL1h1akViMEpJbEpPUTk0ZTBwZjdnR0tSNjd2Ty9LU3JBYnJZS3l5eW5RQVdtdnJXK3FiR3FPcDl5L1A1cmpsdHhrTE1pS3BKdVZQUUlSeVZ0c2JaMm0wY3ZGL0E4MjBkb25HTmV3TGRBS3AxcTNVZURodjZTU3...

352 B
622 B

48ms
17ms

XHR
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YukVqnxuL1h1akViMEpJbEpPUTk0ZTBwZjdnR0tSNjd2Ty9LU3JBYnJZS3l5eW5RQVdtdnJXK3FiR3FPcDl5L1A1cmpsdHhrTE1pS3BKdVZQUUlSeVZ0c2JaMm0wY3ZGL0E4MjBkb25HTmV3TGRBS3AxcTNVZURodjZTU3E2TGxlK2ZFMHJOSnA0S2dFNFpwM0grVjRkWER5SDAySnlnTjB2R0FQbHpvVjBmUEdORjFNZkRiekN3WlUzTDNUS0ZsYm4wVWtTd1EzZWNDNWkrTitiSlY5K1ZiTGhoMDcxK2ozQUJyWi96K0d0RWRMYzJzPXw&cppv=2

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

51968526518294d63b5747c99a84b2e766b3d043c7a50fcb40a3e0669b4e58e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicadventureit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:25 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2477
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Apr 2022 01:49:25 GMT
location: https://mug.criteo.com/sid?cpp=YukVqnxuL1h1akViMEpJbEpPUTk0ZTBwZjdnR0tSNjd2Ty9LU3JBYnJZS3l5eW5RQVdtdnJXK3FiR3FPcDl5L1A1cmpsdHhrTE1pS3BKdVZQUUlSeVZ0c2JaMm0wY3ZGL0E4MjBkb25HTmV3TGRBS3AxcTNVZURodjZTU3E2TGxlK2ZFMHJOSnA0S2dFNFpwM0grVjRkWER5SDAySnlnTjB2R0FQbHpvVjBmUEdORjFNZkRiekN3WlUzTDNUS0ZsYm4wVWtTd1EzZWNDNWkrTitiSlY5K1ZiTGhoMDcxK2ozQUJyWi96K0d0RWRMYzJzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://chicadventureit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1888
content-length: 482
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 97ms
31ms XHR
application/json 52.223.40.198

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b06da5fafdd7e4eecd153b89d1103a20f9f8b757bfb8549cdb6e1d00fbf9cc

Request headers

Referer: https://chicadventureit.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Apr 2022 01:49:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chicadventureit.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 19 May 2022 01:49:26 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7923 52 KB
17 KB 47ms
6ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 73661
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 19 Apr 2022 01:49:25 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 159827, 5970
X-Served-By: cache-lga21972-LGA, cache-hhn4029-HHN
X-Timer: S1650332966.864693,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7B27 52 KB
17 KB 52ms
12ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 73660
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 19 Apr 2022 01:49:25 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 159827, 1002264
X-Served-By: cache-lga21972-LGA, cache-hhn4068-HHN
X-Timer: S1650332966.864217,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7C67 52 KB
17 KB 52ms
10ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://chicadventureit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 73661
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 19 Apr 2022 01:49:25 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 159827, 13733
X-Served-By: cache-lga21972-LGA, cache-hhn4032-HHN
X-Timer: S1650332966.866734,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7923 0
745 B 13ms
13ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:25 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb42248d-ff96-4b3b-b73c-69c867e46e18
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B27 0
745 B 13ms
13ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:25 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 86422889-ea72-4771-a201-2c0cf0404379
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7C67 0
745 B 24ms
13ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:25 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d2f9b488-5ae1-476a-9d73-137d9320e7da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 67ms
16ms Preflight
application/json 178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 19 Apr 2022 01:49:25 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1038
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7923 0
745 B 15ms
15ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:26 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5d0208ba-734e-4d79-8881-8663f67331ab
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B27 0
745 B 13ms
13ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:26 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c0ce28fc-da76-4d32-be90-2b5b3a9c69bf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7C67 0
745 B 13ms
13ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Apr 2022 01:49:26 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 179b1e96-85d0-4e93-97ce-8adc179edcdb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chicadventureit.com/	1970-01-20 02:35:37	Name: __oagr Value: true
chicadventureit.com/	1970-01-20 03:08:44	Name: _pbjs_userid_consent_data Value: 6683316680106290
chicadventureit.com/	1970-01-20 11:11:08	Name: _sharedID Value: 727734b0-d660-4805-8806-9b37a6dc69c7
.adnxs.com/	1970-01-20 04:35:08	Name: uuid2 Value: 84486387874562609
.adnxs.com/	1970-01-20 04:35:08	Name: icu Value: ChgI8Jt7EAoYAiACKAIwo6r4kgY4AkACSAIQo6r4kgYYAQ..
prebid.a-mo.net/	1970-01-20 11:11:08	Name: __amc Value: 1_1650332962_1650332962
.chicadventureit.com/	1970-01-20 11:47:08	Name: __gads Value: ID=b5aeb450cc676ffd-2228cfea79cd00a3:T=1650332963:S=ALNI_MYpWjylVJUdZA_qoaiGmPn3XJ6-0g
.casalemedia.com/	1970-01-20 11:11:08	Name: CMID Value: Yl4VI5B.aeG1ka.OE46rFAAA
.casalemedia.com/	1970-01-20 04:35:08	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 04:35:08	Name: CMPRO Value: 1183
.casalemedia.com/	1970-01-20 02:26:59	Name: CMST Value: Yl4VI2JeFSMA
.doubleclick.net/	1970-01-20 11:47:08	Name: IDE Value: AHWqTUno21YInOLYrPSm1pWRmZvPnik4NC5w-f21oKjHZzJHE1qulmaQpeQTf2yAr3A
.casalemedia.com/	1970-01-20 11:11:08	Name: CMRUM3 Value: 2d625e15232760CAESEKu7Vys79S737r_U2zR0-bU
.adnxs.com/	1970-01-20 04:35:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ig*qkY!]tbPl1M>e)ZlrFUfJ+tGXxoXN<<T6Ak/<kaZo`.VVd)a@kY%OaaV6+8>6]/3If)y3KL9D3I?+b]??UR
.analytics.yahoo.com/	1970-01-20 11:11:08	Name: IDSYNC Value: 18yx~24ep
.yahoo.com/	1970-01-20 11:11:30	Name: A3 Value: d=AQABBCMVXmICEJez6A3VqeufmHeM413AodwFEgEBAQFmX2JnYgAAAAAA_eMAAA&S=AQAAAnXw0Mcq6vuLU2Ba5BJV44s
.everesttech.net/	1970-01-20 11:11:08	Name: everest_g_v2 Value: g_surferid~Yl4VIwAJfwFF2gA-
.rfihub.com/	1970-01-20 11:47:08	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dQ5PrHAJKvUyTg4OKKgMDc928fWMTw_iNTQzNTA2NrI0MzEwNnrFiMI3BgAg_wJEPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMStjQwsTAyMTE2sDA2NjM2MTA2MRHiM9QNTDZzCi4JMk-JjzcHAHwUj4wlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dQ5PrHAJKvUyTg4OKKgMDc928fWMTwcAFWKOUx4AAAA
.rfihub.com/	1970-01-20 11:47:08	Name: rud Value: H4sIAAAAAAAAAOMStjQwsTAyMTE2sDA2NjM2MTA2MRHiM9QNTDZzCi4JMk-JjzeX4jU0MzUwNjayNAPKGwEA1viZxDQAAAA
.o2online.de/	1970-01-20 02:35:37	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
fksnk.com/	1970-01-20 02:35:37	Name: AWSALBCORS Value: /UTSkOv5gzGEAP+mflyp1dpvk+YGM5668Q64UuF/bPbqavSaaEs4fyVsO5P7mMmPzMSYoJ1paHC/Bf4ZnZ6OLh0VzVwuAhDuMPhSiAXH+NdNicABEOWh+RrnV6vq
.fksnk.com/	1970-01-20 04:35:08	Name: f_001 Value: ACD0736EA4AE8997
.fksnk.com/	1970-01-20 02:26:59	Name: g_001 Value: 1
.mathtag.com/	1970-01-20 11:51:28	Name: uuid Value: 5285625e-1524-4700-8f09-393392763ea6
.mathtag.com/	1970-01-20 03:08:44	Name: mt_mop Value: 4:1650332964
.tribalfusion.com/	1970-01-20 04:35:08	Name: ANON_ID Value: axnseFsKBRgFmDqU7pursbIcMMqWDsEKEpYbMHmUsETgvU2mYOLTwHre0YGhNqcY2UCZbBS3lgd3GjvaCQ1Vd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
cdn.jsdelivr.net
chicadventureit.com
cm.g.doubleclick.net
cmp.optad360.io
d55bf991b91710a5e07e5e69ecb56725.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.186.34
142.250.186.98
145.40.89.200
151.101.193.108
151.101.2.49
178.250.0.157
185.184.8.90
185.33.220.100
193.0.160.129
216.200.232.253
23.35.236.247
2600:9000:2156:1c00:11:a4de:2580:93a1
2600:9000:2156:b400:6:b871:4f00:93a1
2606:4700:20::681a:8a9
2606:4700:3033::6815:5bc6
2606:4700:4400::ac40:98f5
2606:4700::6810:5714
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a02:2638::1c
2a05:d018:d29:3601:16db:9a62:bb6f:30eb
3.126.56.137
37.157.4.23
52.205.82.149
52.223.40.198
82.113.101.132
066834a3134ff801b713ae5f6404b3e6db0e320a49a7a5eadcc2e0146dd07cf4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0ec28487dc8a02b847ba2bad3a91f6649cd51f05b4a2c94a5ace1c82bd03783f
0f51e1d64ceebc368fa7f4158fbf5b865436b70c02782a8be02521c6a9de455b
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
178258e256e08a58dda9256a7ec848356aca5bbc6541f72443f26879f59c7433
1b13ab51a34aa17e76007f94d62c1316ee02a373911f386da91d52335c9a356b
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
26d7daa254fbbffef8df7db2f116eaae08665fe39a9b7abf67d1ff40c7c51c2c
28c8505851b27df52f6ac1f2b8b95f799b2067681eb42985f069a37c6cfc328d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2f971c4b3ce911e4873c6ae21bba058de83920e3b7f01931fa8adec35851b7a7
30b06da5fafdd7e4eecd153b89d1103a20f9f8b757bfb8549cdb6e1d00fbf9cc
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3716cd9cdd8b6093b54200b02dc5720a018ded54580352da02853f0dd2f2f971
3bf273d3ccf1c47a695d802c0d3a9a714797a9d20f0952381bce658627986d6d
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
414910fe9db06a6f54091351d76170ae834e0887a4c8cef7e5d3a14c92bae7f8
44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c
46c4c5a62b2324121bd68ce3ac656cf674e7ca00506a533d706cde57be97382b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51968526518294d63b5747c99a84b2e766b3d043c7a50fcb40a3e0669b4e58e1
550de642dcede3a7297da417bf13ded8b259e7e1f57325a9fe60468be1a71484
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5d7d76f885ea7183c6405c61d9c78b7073d014bf9080e19a767ed2ae7cb875a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d4336de63562999bff015e913cf1febe4aacc3785c96a0ee94bf613acce7bd
6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
737e89fcb9d16ab7876fd1e3eb66fc9f9e33d45d3a82193af44b16c701d7101b
77f2f17c590dcfa914f5ae59068e74950c65f6711a649c5dc3dcadb150894dbb
7887e843a8f7d38184a82f23fb6f27468ce5bd5bda325a361b07e6fa4cc2fd3c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7beb78bcb94a9a1901f3fa7d76eac6356358090db765c3f625b7988676da52da
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
830b1b11eaa6113a7e4d5051b373a7ac246675004399fe76f8d9d35748a56318
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
88816b4e9d2b1e7455a8edb3b081950d1be6c35f4da7af91a166b9c9a8f1edb3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
904550770bf9057548d24e181910f883633ee30be05990d55380248a8d267826
91ea26fe11a8ff106477b3b3a0aaa66f1b99f350a1ee232e7bd06604c7da22e6
922ffedc876cf6e2db0d89fdf51728c546192ae8e88770725d22490f0dfca6ce
9368b1c1b3caf76b4b6bf0558ec7d32ef03b2e837cbb3a4907c5619d00aeefac
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
9a07c48518e1941bd50cb6b576aa187146a06b66b5c872256b1e8d00b1d6e048
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c1c9b5d38f7ef0c6e9f0a1c1a946e563c33bd33176c93fe23ff7b5da66ed45
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ace3d9d94d8a1bda7b480f2478c3b52cc40c51f904e21393f2da87bd08fb8755
af78550ad1c8b98951422daf1c001de2455b33d538cb09c5f6a10238e97b92ec
b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b338a5903096e414eb204ccbc5bbbfcca2fdb9b18a8a6c8888d6b785e868fe58
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1b1289479872d12f4ebe74c3911ffcdea5cbe88082c504147d28ad2252111e4
c2065a853af8601ee0f10b0e777bf41d57d707d6328b72de4c58480425763bbb
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4086536e6efd7195668205a2d47d09bcbc40445729e835ee8c445e36d49dc89
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c900cdfd1286918aef120e91f4e664aba4b1eabeb6a4c5f68a06acd446783ad8
ca182481118598129203fd54a4b4a36f0c8e0c088f34c7890a4bedc6c9d47ccb
ca5ec73bad8e0374a5e5336e9fa396ef54b02677e3ab374b9933b89ac99f0440
d68ffab505ed660e23c532961cd93497c7fe9deb8b33959ffbdf88a664bda29e
da0d24aee71e49f30d6f5368c0821fef9dcda1f83a9c3eaf5bdcd2643cfdf99e
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45
eb994ec54ba67aa328ce7afaea82b9c01727e1f0ddaaa74a1bcc837a642cb050
edd9fc92bd6b92cefee3d7b9261be4cad27d224674a9a42ee2b9e12da1fbef76
ee59314ff756e2ec8b8a68a48da490129366ef50ef32119710951d3e3b8fb8f8
eedda56970a553f9b28a359c03f256e6b4cf7fd6ac3dc943c36cfe82cb90bc00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f099dafdbfcdbbe1dbdde864859928b35d46c4237d1a5b6f83cdc73efe62e638
fe946a4fd9d49e400a43d4552efd7a2cebf4510a54f813432dcd1fd7d4872e63

chicadventureit.com Open in urlscan Pro 2606:4700:3033::6815:5bc6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

91 %HTTPS

56 %IPv6

26 Domains

41 Subdomains

34 IPs

5 Countries

2353 kBTransfer

4953 kBSize

28 Cookies

28 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chicadventureit.com Open in urlscan Pro
2606:4700:3033::6815:5bc6 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

91 %
HTTPS

56 %
IPv6

26
Domains

41
Subdomains

34
IPs

5
Countries

2353 kB
Transfer

4953 kB
Size

28
Cookies

170 HTTP transactions
3 data transactions