www.craiyon.com Open in urlscan Pro
2606:4700:20::681a:ae5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.craiyon.com/
Submission: On July 21 via manual (July 21st 2022, 3:30:34 pm UTC) from NZ — Scanned from DE

Summary HTTP 246 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 57 domains to perform 246 HTTP transactions. The main IP is 2606:4700:20::681a:ae5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.craiyon.com. The Cisco Umbrella rank of the primary domain is 168134.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.

This is the only time www.craiyon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:20:... 2606:4700:20::681a:ae5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:fb:... 2a02:26f0:fb::5f65:580b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:303... 2606:4700:3037::6815:8fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:2483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	54.192.99.67 54.192.99.67	16509 (AMAZON-02) (AMAZON-02)
2 7	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.192.99.123 54.192.99.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:fe00:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2 5	46.137.141.240 46.137.141.240	16509 (AMAZON-02) (AMAZON-02)
2 4	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	44.196.105.178 44.196.105.178	14618 (AMAZON-AES) (AMAZON-AES)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
9 30	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	54.170.63.46 54.170.63.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
6	213.254.244.112 213.254.244.112	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:9000:21f... 2600:9000:21f3:4800:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	54.208.79.216 54.208.79.216	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	35.158.225.181 35.158.225.181	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	172.105.221.29 172.105.221.29	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:8fa7:badd:b745:6d42	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	54.65.22.125 54.65.22.125	() ()
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:1::13 2a02:2638:1::13	() ()
2	178.250.0.157 178.250.0.157	() ()
1	141.95.98.70 141.95.98.70	() ()
2	2a02:2638:1::3 2a02:2638:1::3	() ()
246	63

17 2606:4700:20::681a:ae5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.craiyon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb::5f65:580b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

hb-ab.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:8fa (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-99-67.arn1.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-99-123.arn1.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:fe00:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.137.141.240 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-141-240.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.105.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-105-178.compute-1.amazonaws.com

onsite-tag-logs.apps.nielsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.217.16.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.63.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-63-46.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.254.244.112 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4800:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.79.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-79-216.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Rottweil, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.225.181 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.29 (None, ) 1 redirects

ASN- ()

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8fa7:badd:b745:6d42 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.22.125 (None, )

ASN- ()

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	355 KB
55	doubleclick.net 9 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 117 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 ad.doubleclick.net — Cisco Umbrella Rank: 202 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296	331 KB
17	craiyon.com www.craiyon.com — Cisco Umbrella Rank: 168134	196 KB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 461 rtb0.doubleverify.com — Cisco Umbrella Rank: 651 rtbc-frc.doubleverify.com — Cisco Umbrella Rank: 14685	62 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	313 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5536 adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
7	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com mug.criteo.com	8 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	18 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10582	2 KB
5	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 650 match.360yield.com — Cisco Umbrella Rank: 4153	1 KB
5	exelator.com 2 redirects cdn.exelator.com — Cisco Umbrella Rank: 14141 mydmp.exelator.com — Cisco Umbrella Rank: 12649 loadm.exelator.com — Cisco Umbrella Rank: 1287	13 KB
5	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701 an.yandex.ru — Cisco Umbrella Rank: 2147	72 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	3 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 508	2 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 391 rtb.openx.net — Cisco Umbrella Rank: 1686	835 B
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 939	678 B
4	yahoo.com 3 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033 ups.analytics.yahoo.com — Cisco Umbrella Rank: 285 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	2 KB
3	gstatic.com www.gstatic.com	14 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	918 B
3	33across.com ssc.33across.com — Cisco Umbrella Rank: 1871	603 B
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 516	2 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1467	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5701 adservice.google.de — Cisco Umbrella Rank: 8252	1 KB
3	vntsm.com hb-ab.vntsm.com — Cisco Umbrella Rank: 136257 hb.vntsm.com — Cisco Umbrella Rank: 21397	299 KB
2	criteo.net static.criteo.net	28 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	243 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 824 r.turn.com — Cisco Umbrella Rank: 2958	869 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 400	954 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12988	929 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5346	747 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 474	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1317	411 B
2	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2234	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2656	24 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1373	15 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	115 KB
2	rsms.me rsms.me — Cisco Umbrella Rank: 13269	224 KB
1	id5-sync.com id5-sync.com	622 B
1	adingo.jp cc.adingo.jp	44 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 22625	440 B
1	appier.net 1 redirects a.c.appier.net	558 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1672	583 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4713	613 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 850	712 B
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 11688
1	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 27691	165 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 487	355 B
1	nielsen.com onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 11679	264 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1420	596 B
1	cloudfront.net d1oykxszdrgjgl.cloudfront.net	41 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1370 api.rlcdn.com Failed	37 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 26039	741 B
1	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 10153	61 KB
246	57

	Domain	Requested by
33	pagead2.googlesyndication.com	hb-ab.vntsm.com tpc.googlesyndication.com 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com www.craiyon.com www.googletagservices.com
30	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
26	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net www.craiyon.com 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	www.craiyon.com	www.craiyon.com static.cloudflareinsights.com
10	www.googletagservices.com	www.craiyon.com 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com ad.doubleclick.net
10	securepubads.g.doubleclick.net	hb-ab.vntsm.com securepubads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net www.craiyon.com
8	googleads.g.doubleclick.net	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com www.craiyon.com
7	ib.adnxs.com	2 redirects hb-ab.vntsm.com googleads.g.doubleclick.net
6	cdn.doubleverify.com	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com www.craiyon.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects d1oykxszdrgjgl.cloudfront.net 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
5	mc.yandex.com	2 redirects
5	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	x.bidswitch.net	4 redirects
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	sync.teads.tv	googleads.g.doubleclick.net 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
3	gum.criteo.com	1 redirects d1oykxszdrgjgl.cloudfront.net gum.criteo.com
3	an.yandex.ru	2 redirects
3	rtbc-frc.doubleverify.com	cdn.doubleverify.com
3	rtb0.doubleverify.com	www.craiyon.com
3	www.gstatic.com	www.craiyon.com 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
3	match.adsrvr.org	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com hb-ab.vntsm.com
3	ad.360yield.com	hb-ab.vntsm.com
3	ssc.33across.com	hb-ab.vntsm.com
3	fastlane.rubiconproject.com	hb-ab.vntsm.com
3	prg.smartadserver.com	hb-ab.vntsm.com
2	static.criteo.net	d1oykxszdrgjgl.cloudfront.net hb-ab.vntsm.com
2	mug.criteo.com
2	s0.2mdn.net	ad.doubleclick.net
2	eb2.3lift.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	ad.doubleclick.net	www.craiyon.com
2	match.360yield.com	2 redirects
2	rtb.openx.net	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
2	pool.admedo.com	2 redirects
2	sync.mathtag.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com www.craiyon.com
2	loadm.exelator.com	1 redirects
2	mydmp.exelator.com	1 redirects
2	bidder.criteo.com	hb-ab.vntsm.com
2	prebid.a-mo.net	hb-ab.vntsm.com
2	apex.go.sonobi.com	hb-ab.vntsm.com
2	script.4dex.io	d1oykxszdrgjgl.cloudfront.net
2	adservice.google.com	d1oykxszdrgjgl.cloudfront.net
2	adservice.google.de	d1oykxszdrgjgl.cloudfront.net
2	i.clean.gg	hb-ab.vntsm.com
2	mc.yandex.ru	1 redirects hb-ab.vntsm.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	hb.vntsm.com	hb-ab.vntsm.com
2	www.googletagmanager.com	www.craiyon.com www.googletagmanager.com
2	rsms.me	www.craiyon.com rsms.me
1	id5-sync.com	hb-ab.vntsm.com
1	cc.adingo.jp	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
1	r.turn.com	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	ads.avads.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	a.c.appier.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	fksnk.com	1 redirects
1	um.simpli.fi	1 redirects
1	cdn.besafe.global	5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
1	track.venatusmedia.com	hb-ab.vntsm.com
1	analytics.twitter.com
1	onsite-tag-logs.apps.nielsen.com	cdn.exelator.com
1	c2shb.ssp.yahoo.com	hb-ab.vntsm.com
1	geo.privacymanager.io	ats.rlcdn.com
1	d1oykxszdrgjgl.cloudfront.net	hb-ab.vntsm.com
1	cdn.exelator.com	hb-ab.vntsm.com
1	ats.rlcdn.com	www.craiyon.com
1	www.google.de	www.craiyon.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.craiyon.com
1	hb.vntsm.io	hb-ab.vntsm.com
1	hb-ab.vntsm.com	www.craiyon.com
1	player.avplayer.com	www.craiyon.com
0	api.rlcdn.com Failed	hb-ab.vntsm.com
246	81

This site contains links to these domains. Also see Links.

Domain
huggingface.co
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
www.craiyon.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
outstreamedia.com R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
cdn.exelator.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
ssc.33across.com GTS CA 1D4	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
onsite-tag-logs.apps.nielsen.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.venatusmedia.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
cdn.besafe.global Amazon	`2022-05-26` - `2023-06-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.craiyon.com/
Frame ID: A505F93146C9A6E1E5353660DE1D9ED2
Requests: 95 HTTP requests in this frame

Frame: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2983E968B480589EAF56CB4966A8642E
Requests: 1 HTTP requests in this frame

Frame: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA1BF3D8EEA8BD652C6190E943D6BC7A
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CCCDAD8C4E36953427EBDC427928F453
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B06E9D5276BB80952030E75341383C0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F6009D23935DAF6C7F36C1DC5B084BC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1BB9511452E623DF4F1910129CB9D9BA
Requests: 2 HTTP requests in this frame

Frame: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0DD6CD9707BA704C6C4678FB91CD702D
Requests: 15 HTTP requests in this frame

Frame: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A49945B78382EEC37B3C4F0489F4BBF2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLzdiswBMAE&v=APEucNUSi6lgSuYnFUWIhI8QCNyopQUuDJIkldnDi4G2z2H_dkVt440-3vCH6xx4ZSkO_y09hrfsz3D1P2bt87r5SulXGeGNydHx8iywoGUpKnsvwnFlM7pDKZtSoNgNFh1w7652qUfeIvamHHHS6LqV6TAE-afnYT0Fms-Oo2_QosGH14ss-EwINXUHtfUBzY8AjuFcXMeRwND3_17ZHffRFNSI3DSaPw
Frame ID: CC081BFF3C85218BD8B89AA8808F46EC
Requests: 5 HTTP requests in this frame

Frame: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E97DDB4DFBA433B8D01FA86D9C395FCD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ
Frame ID: F54F2BF887D5E7682BD24B994292897D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNV3pqleRV-uD12Qz_XocvrL6cWnWIbhy3W_vTpcCaZ_IUm4-Q2952vpiruYbwDGu4wOXuApC4ixvwMOY68z9zH0n1QpiBe0lDOZL1uY-9I8WnMW5aHzkxh8UJ8v3sJQ5IkaT7ReP4aXqPRl2kqkyJpGUw0AcM1S6cxfiLqhq3XRnsFRYRJs5yZ81JdkZ-gsxAEdYp5yMIr42W_P7qV2Z2ufU9dyyw
Frame ID: 9629CEEA55D4BCCB433AB78CE4E960AB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F3FE3CC15D756F6CA1431D3A7A81DA5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5FF9FB605EFC196E80CB53B001A55EF2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BE9387CC75C85894B7215E4415FAF9FD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16D1C228CAF576DAC8AD9E6D301DF95A
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s
Frame ID: B3C75192E37268BCC8A9F2EECAC09EFB
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=1964084963;ord=75g2u2;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=62;prcl=s
Frame ID: 522B2518FC6A73F704D263864D3166E0
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CC07779247E56E965D2D5441846637D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 392D28717BF243FC62A9E42479EE4BCF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 42D10B8D28F5B9B111A3DAD8DA6D1314
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 607253A056FC6DA40907F0BC5133B3E2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Frame ID: 18EB5FC30B32FA6BB08A881780621B57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Frame ID: 2FE0EC7FADC878B86437B1CB0033C42B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.craiyon.com
Frame ID: 9D5F03F064DFAEFC817B506FB3AB96F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Craiyon, formerly DALL-E mini

Detected technologies

Svelte (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

246
Requests

87 %
HTTPS

43 %
IPv6

57
Domains

81
Subdomains

63
IPs

9
Countries

2495 kB
Transfer

6304 kB
Size

60
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://huggingface.co/spaces/dalle-mini/dalle-mini/discussions
Title: Forum

Search URL Search Domain Scan URL

URL: https://www.facebook.com/craiyonai
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/craiyonai/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/craiyonai
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9706.tBHjHisSEWoimafowvEd4L2i06sNCuzjhw-v3UWgc_Rcx9l154XzIsPHUXuFcpfu.MgNfcBRHoiNnFmXov1_c__jgHJ8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9706.nQ6fS7BtXvNNWqMtToa0DpU7df6IEkRpps-E2ZyVi_mtyC9mCosCL7wmtUqob9DMzUtNVSdRWe1nVTXoDYQnKg%2C%2C.XHDoeWQ22e8HEze9XxX68c7Vbc0%2C

Request Chain 63

https://mc.yandex.com/watch/89464952?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A251164998406%3Ahid%3A605009768%3Az%3A0%3Ai%3A20220721153029%3Aet%3A1658417430%3Ac%3A1%3Arn%3A553973017%3Arqn%3A1%3Au%3A1658417430582189647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658417427505%3Ads%3A10%2C55%2C67%2C2%2C%2C0%2C%2C660%2C0%2C1059%2C1059%2C0%2C892%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658417430%3At%3ACraiyon%2C%20formerly%20DALL-E%20mini&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/89464952/1?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A251164998406%3Ahid%3A605009768%3Az%3A0%3Ai%3A20220721153029%3Aet%3A1658417430%3Ac%3A1%3Arn%3A553973017%3Arqn%3A1%3Au%3A1658417430582189647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658417427505%3Ads%3A10%2C55%2C67%2C2%2C%2C0%2C%2C660%2C0%2C1059%2C1059%2C0%2C892%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658417430%3At%3ACraiyon%2C%20formerly%20DALL-E%20mini&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q& HTTP 302
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESELBw8iKZ0dnX64ZpMe4F6Xw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q&

Request Chain 70

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=013&bi=6605175168084564116&j=0

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1&C=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlxF-FK3zJWMIXaa7SCBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEEYm9m1_tsL6sL7jJHmF_w&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYwNTE3NTE2ODA4NDU2NDExNg%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgmBznPi3gfcmqkH_g0SSU&google_cver=1

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEB7sEBdoyw1wWgPv78mj_jc&google_cver=1

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1&__user_check__=1&sync_id=0e40781c-090a-11ed-9f3a-1ee5b9e10406

Request Chain 150

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=0e39c81d-090a-11ed-8295-15758c630406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGUzOWM3OWEtMDkwYS0xMWVkLTgyOTUtMTU3NThjNjMwNDA2

Request Chain 151

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1UckhqUEZoRTJ1SHBKTENheklpVXNVX242UHQxZ1hvcX5B

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEVf7zgxUmVE3QSg15NMO4&google_cver=1&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraDkEEQ-6kqxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraDkEEQ-6kqxw

Request Chain 174

https://um.simpli.fi/gp_match?google_gid=CAESEGCk8AL8TaFUOcSQcOrz46M&google_cver=1&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_YCNpq3oy_rWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0CC416328A64A9DA8EF75FE42F43EB4&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_YCNpq3oy_rWg

Request Chain 175

https://fksnk.com/cs/google?google_gid=CAESECzFGMBoe9me7CHbtJlXkmk&google_cver=1&google_push=AehlK4Cj86q9GkhbEqM1PFcIWP-R680Q3isGMMaLBklP8DA-uiQx8R7KpkRDWmwSXzTb9bnEzOET4s2QmfPTAWSvExP01zyNLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEQwMzlEN0Q2NzlEM0RDMQ==

Request Chain 176

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA2loQ2xXxZNcIlizczbSmk&google_cver=1&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOdFjeDJw5JYutcE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0ODYyOTI3NjY3MDA5NQ%3D%3D&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOdFjeDJw5JYutcE

Request Chain 177

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4CmzxTwQ1rxCbEYNMlfQaby1H-AjY-2GZG23DiP4Sq0z2XLA7nxz36HFNhhJM5wzEUBMpOXZEDDW3kiecUT5uIThjp_Wls HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4CmzxTwQ1rxCbEYNMlfQaby1H-AjY-2GZG23DiP4Sq0z2XLA7nxz36HFNhhJM5wzEUBMpOXZEDDW3kiecUT5uIThjp_Wls HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=bc57944e-1373-42ee-919b-9aee78f6ddef HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=bc57944e-1373-42ee-919b-9aee78f6ddef HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4e545074-d393-422c-b6f6-c0a282b7a543&user_group=1&ssp=google&bsw_param=bc57944e-1373-42ee-919b-9aee78f6ddef HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

Request Chain 179

https://match.360yield.com/match/ebda?google_gid=CAESEOpdlzVmWlAdmqxkKixgPdU&google_cver=1&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb71OAQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOpdlzVmWlAdmqxkKixgPdU&google_cver=1&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb71OAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mOUe1zcBS72bi_tRXT8zLA&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb71OAQ

Request Chain 192

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEVf7zgxUmVE3QSg15NMO4&google_cver=1&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4MNID7jnSdOkN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Bj1i2XEXTgCHfPC3_1-VNg&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4MNID7jnSdOkN

Request Chain 193

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJTy0c1hRSgcWOR8ox_AG2A&google_cver=1&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpvJ9e8H4IGUuU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTZNzhxtT8SNOHgtujrT5w2&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpvJ9e8H4IGUuU

Request Chain 194

https://a.c.appier.net/gcm?google_gid=CAESED1m-ZBGXO2aYwJPLydXWmE&google_cver=1&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd2z23ZQHPex5FCYf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=anc4TFVRN3RBQ0NyWlpjVUdISFpZZw%3D%3D&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd2z23ZQHPex5FCYf

Request Chain 195

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

Request Chain 196

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEcPFY9AoCcvTNZgnk9kWh0&google_cver=1&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtVxrJEm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtVxrJEm&google_hm=ODkyNDc5MjY4MzczMTE3MTc3Ng%3D%3D

Request Chain 197

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ3dh7MkH9acCHZ1Y1Hc27E&google_cver=1&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1&google_gid=CAESEJ3dh7MkH9acCHZ1Y1Hc27E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0OTkwMzQ4MDg2MDQ0MjYyODkzOQ%3D%3D&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1

Request Chain 198

https://ads.avads.net/sync/ggl?google_gid=CAESEAqfiZRTOsS5dPRhappT2Uo&google_cver=1&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FVMgmSp0h7QOSvwKb8zidKzhZC0EQ-Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzI4MzRmOTgtZjEyYS00NTMwLWFjYmQtNjg0YzA3YTRkZTBm&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FVMgmSp0h7QOSvwKb8zidKzhZC0EQ-Z

Request Chain 200

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1&google_push=AehlK4BlBwHCzZGjldOUfuLIMlVvtzSb_4Qd5KOFzEXQVHldZJwk8z3fRsjUBqoFVhXqdTZbMJeUtmo5-03pnUVvbjH6foTjolpn-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA2ODgyNTYyOTA4MzI2MTE5OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1

Request Chain 202

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJTy0c1hRSgcWOR8ox_AG2A&google_cver=1&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMtn6bh0dpqO1v_lg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AmmcvynzQuyfwmBLogTxDA2&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMtn6bh0dpqO1v_lg

Request Chain 205

https://an.yandex.ru/mapuid/google/CAESEDgxsIgZMfXMvj0uWQ_A7Cs?ext-param=AehlK4CYuazrp7omTGEpKbeMYugk0atJVefKdzGwSoQ0KnHT03bQgZnrtm_nJ-1Q8w--LniE3TC98JoPOEJN0dfsr1hGrRjISJo-0g&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEDgxsIgZMfXMvj0uWQ_A7Cs?redir-setuniq=1&ext-param=AehlK4CYuazrp7omTGEpKbeMYugk0atJVefKdzGwSoQ0KnHT03bQgZnrtm_nJ-1Q8w--LniE3TC98JoPOEJN0dfsr1hGrRjISJo-0g&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDgxsIgZMfXMvj0uWQ_A7Cs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 236

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.craiyon.com%2F&domain=www.craiyon.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Ab4QB3x0czdWbWdUSkdtSnN0MFU4Q05raWp0RTNpc21GK0o4TlBzOVFKYStKTnZLQTBXWFgyT2ZORDBhV2M5MnhMd2t4QU9sS1hQMDBDVjQwM2hEa3VHdW9zRU52MldWeEVYd21KRVRkNmtqUW1ZVW5jbWRwUnlOaEZXbG8vcFhBb3YzZ296K3cvdE95RHkzVG52ZEJNd2pJTk5EVmFXdGJXOHlFb2dXZWxLUk5tM3JSc3EvU1MxQ1FzdHhEWEJBQXpOL0VmR1k4VlJFQXJKRHd3aThWVjhQdG51RTJvK2x0SVlQUEtvYW1LYWVHZU1jPXw&cppv=2

246 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.craiyon.com/ 27 KB
9 KB 133ms
67ms Document
text/html 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fa5397b39697c3e64f23693ec690d1a31a027098705c55801aabac94519556

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72e4fa5a698a92b7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Jul 2022 15:30:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZze6OzOlq74h2U9aCCH0lkBk1Bvp%2Fk3yv2M0py1A%2FKZ0Tgmy9Rvl5Yzb68o%2BXnjFjOlWMLPrb7mwDS8P%2B16XC1A2UTseXfNH8FxQddB1nQNH%2FpaO6H%2FpSVRnKOXyLR6ofXMwFJt%2BzEI5uAwKoU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 html2canvas.js Show response
www.craiyon.com/ 197 KB
46 KB 41ms
41ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/html2canvas.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d5cb608589fef83134dec74035052c4d136305d60e46e09a45b3f6dcbcf977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6982
cf-polished: origSize=202024
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"346fbb253b060830a0bb29a54ef982a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ollNVRs%2BvuDdpun%2Bb66elG2XRWF0xbOYhwgo3cHB6sGjZwWzSEG36enGPhEsM4VUaExaFwZBLQFwn8MNRbYkqvs3pUOdplv0O5JcawlNuJzZoMo9ziL%2BepQGL6LRbgPwQhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5b0aed92b7-FRA

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
61 KB 107ms
23ms Script
application/javascript 2a02:26f0:fb::5f65:580b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:580b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv3MtB8ywSkxoFTIcVTwmMCJVLnsqLiokzJPDc1lTU-XBbxh1xIFRlJmFv_ujNnAJO9Rwzbgi9de8Pj1jr87iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
content-language: en
x-goog-generation: 1646327924579580
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 21 Jul 2022 15:35:27 GMT

GET
H2 200 video.js Show response
www.craiyon.com/ 1 KB
842 B 37ms
33ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/video.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee057d0567d7e5f8841ebdbe2cbf81b6c5e88ca7509682430e9f06e319165ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413
cf-polished: origSize=1745
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"317906c974b743551565ce86849df158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=br9OMmEtcmY21nQjWa3nVDmb%2B%2F24%2FL6iGgd%2FvlVbzX4kY6ybKvrt53N2f%2F4jzmCXcriqB5Vi0%2Bm2mYzroSpkFVcu%2BLjuH%2BRLoN6zi8JwGzJqTontCXbOhoRSoVdy7HdLIgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d4b92b7-FRA

GET
H2 200 ad-manager.min.js Show response
hb-ab.vntsm.com/v3/live/ 1011 KB
294 KB 109ms
26ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8331d6f436d8d32f5f06685fb130213c6b7b07f599ecd440f188145868a3e7ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: gzip
x-amz-request-id: 0B2HCD34PKRRTZWM
content-length: 300705
x-amz-id-2: ijw7r5NblGYLU89z6MEa0aJae21uIXpn5rgKfr44PRjtPRqKShSxDDYsWTR22uwBXJVtDPmnZ60=
last-modified: Tue, 19 Jul 2022 14:35:41 GMT
server: AmazonS3
etag: "94de17be8ee92e3a885b9898ec1575bb"
x-hw: 1658417427.cds216.fr8.hn,1658417427.cds268.fr8.c
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-GEO,x-bl,x-geo-subdivision,ref_url,x-db
cache-control: max-age=30
accept-ranges: bytes
access-control-allow-headers: X-GEO,x-bl,x-geo-subdivision,ref_url,x-db
x-geo: DE

GET
H2 200 __layout.svelte-49c665a6.css
www.craiyon.com/_app/immutable/assets/pages/ 39 KB
7 KB 49ms
44ms Stylesheet
text/css 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/assets/pages/__layout.svelte-49c665a6.css

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e3730d64dbe564ca21f9bf9d2a6491abd7d9df953f0f7d505f938feb9983003

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6979
cf-polished: origSize=40516
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"f5a89276c5dfb45d4bff53269012624e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpOR8yU4K1ohEsmskB2xGl6c6BKe%2BG8oc78HC6z0fj6QclQwKe%2BqVvOuk35R488UC0Vmaz3tPVa8rYxDtiV4F2WXinjz8VKQLGntxsYhxC3R9ISTcE8RdyTsy3GGRbB881A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d4d92b7-FRA

GET
H2 200 index.svelte-028300ea.css
www.craiyon.com/_app/immutable/assets/pages/ 30 KB
4 KB 48ms
44ms Stylesheet
text/css 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/assets/pages/index.svelte-028300ea.css

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df23f8d0f8f4cdc7d6bf10e3c41001d7ac54a60f50fe215545689d3c2480bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413
cf-polished: origSize=31118
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"38d38461bb72ba9e9367e9a1611a19e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUjZs3R4HPmL2FWuNwLfgKCWfEE8VxiFNmnuDOFyY4Z4qZzwVr%2B56hzZ2M6TlIkyWnBAytYjV3rwogZyDgo%2FHMFX%2F%2B1UpTJIJsxB9Pt%2BKIqVJd3TrgohJoi5Daeardjvfus%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5092b7-FRA

GET
H2 200 start-74dbb702.js Show response
www.craiyon.com/_app/immutable/ 24 KB
10 KB 52ms
48ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/start-74dbb702.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2bb23b6fecae5ef4dc90967c928b64f388544c6fbcf02e71a8ec9c86e995c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5658
cf-polished: origSize=25043
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"b94bc83108bf631697ff59ff9690f977"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmlcpPE6%2BBjdyeLOdbutL7CQfD0rH12ZVypQ%2FLwFVP6YTjmu1FyqjBzQNs1y2eAgMxKLYbwf5ltkqU8g8icjPhuCw52cEP71aPwmsEJeDM%2FKBdPS4WtrRBHqLw6SGvkpnjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5392b7-FRA

GET
H2 200 index-ecc2c2a2.js Show response
www.craiyon.com/_app/immutable/chunks/ 11 KB
5 KB 57ms
53ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/chunks/index-ecc2c2a2.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea433e611b2b341925fecc3955435f518f5877ad319c3845b32807a329723caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221
cf-polished: origSize=11073
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"d277cb5026b5e032488f5d13a0df9272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6E4hJn5dCWEHn4FdTiZBLuXuOcXjAQGgtF4a8lf82tACPb%2B33AGN%2FJyZKsHeTzPwmLK%2BdQkCUjD79MlDMlyYUwwh57XUmXkypqgjEKXVsDojFuLIK7wA%2FRz%2FkYU0rpkDmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5592b7-FRA

GET
H2 200 index-10576018.js Show response
www.craiyon.com/_app/immutable/chunks/ 441 B
600 B 49ms
45ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/chunks/index-10576018.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02a4496f9210143846d675d1c86629f0eb77e59569e51cf03147ca56a37344b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221
cf-polished: origSize=442
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"9c5825a16902b517e3585251b23ee976"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK%2BOT3fWsFMBZASRfiaxxL4iLby2K0zaNq3olml50P3RhZ4mSUSaqsoC0rbDzZzkWx0rtdESGPe083i24oCeF1y%2B7opccpwEJDWgqLbUVAuHS2sy1WEqm1iOlvVle7SH%2FsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5892b7-FRA

GET
H2 200 __layout.svelte-645acfe5.js Show response
www.craiyon.com/_app/immutable/pages/ 12 KB
5 KB 69ms
66ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/pages/__layout.svelte-645acfe5.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c491f0b2424bf5dd65b8bea110bc1d07577196c9971607318c029dbd6a714a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7028
cf-polished: origSize=12703
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"b5d2a25c65c48265ed0f12255a3b15ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKrzJ73QbolYEPBax%2FZckIpJiIgUkr2XJ3ry2BPjI62uLteJsaOuoQBxX1N07tzRxZLLTTdWsOiAx%2BESPVpnoX3IKa2Ozx3lbyWTUjjNR4UXN9TT2IjCIUQxIZZj%2Fzh5FnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5b92b7-FRA

GET
H2 200 common-5dacaf08.js Show response
www.craiyon.com/_app/immutable/chunks/ 61 KB
13 KB 49ms
46ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/chunks/common-5dacaf08.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

510de752c8f00c6234d5e4cc27af50dd1d7afedbdb70ec49ff8e67d1a28f4e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221
cf-polished: origSize=62525
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"00c1366c4b9cfd3447b5cf91b58660a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsRd%2BFdJJ6dWv62UDGCVnFG3Aoq%2FuXHQ57mZyjxp6O8OcoDUONGIaFdWObZ18Oy%2B3nzhPoCbZEvlAF9U7Ua1FQY1r9OpNL28uiWR5jZDU4djslOf5g8D6C5suTAyrZPlfks%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5d92b7-FRA

GET
H2 200 index.svelte-66ba0329.js Show response
www.craiyon.com/_app/immutable/pages/ 69 KB
23 KB 52ms
49ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/pages/index.svelte-66ba0329.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606b653e044eec1c58df51edb317bfbf23dc156b164f0a53ee89b7c11dcf984f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1934
cf-polished: origSize=70191
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"f4287f17f88100d883c695276ea3205c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak5UFQCggfvWj9d9MazWvP6%2FN6AQ2gHCj1mYsNmoDOQepTW%2Ffi1YBI2Gub7nBXPMrDVQlFQFoFnMoRAjkDeAwejkO35MI9nmxpj%2BsZ6j33Vlp2nGoASaQJv4Q%2FYW8dNGi4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d5f92b7-FRA

GET
H2 200 Newsletter-34721e5f.js Show response
www.craiyon.com/_app/immutable/chunks/ 3 KB
2 KB 66ms
64ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/chunks/Newsletter-34721e5f.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4e3695c4947f5d9bfcd14c3f8744568fd9b55a2a5a49fafa7046b0b4c1f84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221
cf-polished: origSize=3483
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"4ae5a9ecb923de4bbf7c667dceb7a140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isC7ynr1SxWVT%2B7YoekOxXDAs2zonEi5yOguLtF5tvemkasQ92%2BI0dZpIQOAuqeHUfy8kSlrKKNYlpgn%2FJjuATH2fPQzXxdQZaUUxST%2B%2BI1iQIKzqr0mgFjXCTlwdzyaPsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5c0d6292b7-FRA

GET
H2 200 inter.css
rsms.me/inter/ 5 KB
2 KB 100ms
29ms Stylesheet
text/css 2606:4700:3037::6815:8fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id: a1a583fb28e2811dc8b529257f4c206fde84d5a2
date: Thu, 21 Jul 2022 15:30:27 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 463
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA
last-modified: Tue, 12 Jul 2022 15:28:16 GMT
server: cloudflare
x-github-request-id: 9C36:7CD9:72BFDA:76AE7D:62CD9348
x-timer: S1657640181.467614,VS0,VE1
etag: W/"62cd9310-1490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bM9FnBSJ6%2BDsWaLaatwh309VLgi9P8D4RPfcAsD7SqRNE%2BSWwlSRsp3pyn8o%2BULbH5sHlsFfK2wcXiB%2BdSdAAzz86eNU40eDj%2BktPDMMVe4UI4fWhVo9RZR%2FgkGu0NFG4jsbCBE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 72e4fa5c6dbc6925-FRA
x-origin-cache: HIT
expires: Thu, 21 Jul 2022 12:51:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 94ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7EXMWJ4JZ4

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5606f4fc187e4cd05288abac15ad3de1dae44f6840f55ee66c8903371d7c762b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75091
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:30:28 GMT

GET
H2 200 craiyon_logo-9927047c.png
www.craiyon.com/_app/immutable/assets/ 16 KB
16 KB 44ms
41ms Image
image/png 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.craiyon.com/_app/immutable/assets/craiyon_logo-9927047c.png

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9927047cdf285f7ff1bf5a7afb0e7297fb5d4a0c29900c2772b51fc24ff62130

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413
content-length: 16141
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "555910a1cfc06e5a1950b8ba5f3ff534"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWEaSolBRQlHXZNAQ26LKGKYd6G1C7mpf5JqRKrHt2k8cIOGaVh76zvsJ6shCvWHADX4fbd7DWzFlrVJsOf1ITUh9r8%2BBHBbhCLVLom9%2Fd6%2F1DZ%2BPykChHqiKiBmsUBwjCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72e4fa5cbea892b7-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a99715ecbe36e37a3c8790cc39c0d4dd05956f59741aae04bc9e7806963415c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Inter-roman.var.woff2
rsms.me/inter/font-files/ 222 KB
223 KB 73ms
42ms Font
font/woff2 2606:4700:3037::6815:8fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:8fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id: fe1cee9b1fc28c9eebdb251cc33366c0a6eba2f5
date: Thu, 21 Jul 2022 15:30:28 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5882
x-cache: HIT
x-cache-hits: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227180
x-served-by: cache-fra19129-FRA
last-modified: Tue, 12 Jul 2022 15:28:12 GMT
server: cloudflare
x-github-request-id: 265C:7CD9:72BCB9:76AB38:62CD933C
x-timer: S1657646530.996955,VS0,VE1
etag: "62cd930c-3776c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5qxJRcBGE0Zv001P2W6y8LFENACy13HjTWXv7fznMqKjMFR5BwpUghCq7c33hKev0OYBPGU%2BNI5H%2BRljF77CF%2FBtZ3B6VQOFtJgBY0VJGyFtEUlVTjCSskAcdMQkJUQgeUBdA1T"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 72e4fa5cea3492b3-FRA
x-origin-cache: HIT
expires: Wed, 20 Jul 2022 21:15:16 GMT

GET
H2 200 kofi_logo-180d300f.png
www.craiyon.com/_app/immutable/assets/ 51 KB
52 KB 38ms
37ms Image
image/png 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.craiyon.com/_app/immutable/assets/kofi_logo-180d300f.png

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180d300fc1e929b5b055e098eaa9591a9b57555b2386e3db53a1b5ff190e79b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
content-length: 52621
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "3fb723caca1553c8fde8cd42a7ab7cf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BumKxpKA9bKEm2YNBG5nENcE7Ayd85u8yajjwqF9QlnFfs6BxYy4q8fkIn6rruIi5Un3YKZ%2FjAmBpOollx9LCz9j4uhpnMNaAWgWS4wh3wgmhu1IJxRvHlvHXFVxagpKxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 72e4fa5d4fe092b7-FRA

GET
H2 200 email-decode.min.js Show response
www.craiyon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Jul 2022 15:21:24 GMT
server: cloudflare
etag: W/"62d185f4-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FdrbPbDPt3YNgJtxgmOEGcpIZ5DwNXEzUSeC3%2FjuZOG0uzl9VwBrdjU1WpayKSPF6pebpYvjah6fh94aDKMXyGFoX%2FDzy4G6vcTUPc%2FbPMtj%2Fu8%2F6XPrsMkMPDPM2NOJ4kJQIuc%2FSaa2xHfvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72e4fa5d4fe392b7-FRA
vary: Accept-Encoding
expires: Sat, 23 Jul 2022 15:30:28 GMT

OPTIONS
H/1.1 200
OK 62c7fce5d6ae9f14ce28faa4.enc
hb.vntsm.com/v2/live/ Frame 0
0 232ms
138ms Preflight
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/62c7fce5d6ae9f14ce28faa4.enc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ref_url
Access-Control-Request-Method: GET
Origin: https://www.craiyon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: ref_url, X-Geo,Content-Type,x-bl,x-geo-subdivision
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ref_url, X-Geo, Content-Type,x-bl,x-geo-subdivision
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Thu, 21 Jul 2022 15:30:28 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
X-HW: 1658417428.cds291.fr8.hn,1658417428.cds291.fr8.hn,1658417428.cds263.fr8.sc,1658417428.cds263.fr8.p,1658417428.cds291.fr8.sl
venatus-cdn-hb-rule-version: 1.1
x-bl: 0
x-geo: DE
x-ip: 217.114.218.24

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
741 B 104ms
34ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
cf-cache-status: HIT
age: 647
cf-ray: 72e4fa5eae52903a-FRA
content-length: 32
x-amz-id-2: 3DK7w2qU18KwWWL3RxVTE9ICWNQ/U/GzPCVarMiO09DhgzHSmJSVaCMj2V3teWWtCNdICP6f+OE=
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: Q9PTGGDGQBR1FRPF
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, origin, Origin
cache-control: max-age=14400
accept-ranges: bytes
content-type: text/html

GET
H/1.1 200
OK 62c7fce5d6ae9f14ce28faa4.enc Show response
hb.vntsm.com/v2/live/ 12 KB
5 KB 739ms
737ms XHR
text/plain 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/62c7fce5d6ae9f14ce28faa4.enc
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: BunnyCDN-IL-463 /
Resource Hash: 9e3575c16a0171bbdf0c7dd2fc09673620f416a275c365bf1ad98d46bf7c0f7d

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
ref_url: aHR0cHM6Ly93d3cuY3JhaXlvbi5jb20v

Response headers

Date: Thu, 21 Jul 2022 15:30:29 GMT
Access-Control-Allow-Methods: GET, OPTIONS
cdn-edgestorageid: 463
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Transfer-Encoding: chunked
cdn-cachedat: 07/21/2022 12:07:23
cdn-pullzone: 131999
Connection: keep-alive
Content-Encoding: br
Server: BunnyCDN-IL-463
Access-Control-Allow-Headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
Last-Modified: Thu, 21 Jul 2022 07:28:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
ETag: W/"cc50a080458f8b7cf6ce7c6c5227019b"
Vary: Accept-Encoding
X-HW: 1658417428.cds291.fr8.hn,1658417429.cds291.fr8.sl
Content-Type: text/plain
cdn-cache: HIT
x-bl: 0, 0
Cache-Control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: b8b6a9b876c81f8fb7f2c687fba8b193
Access-Control-Allow-Credentials: true
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 115ms
62ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.craiyon.com/
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 72e4fa5f1bc19a0b-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 83ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7EXMWJ4JZ4&gtm=2oe7i0&_p=149143219&_z=ccd.v9B&_gaz=1&cid=253240124.1658417428&ul=en-us&sr=1600x1200&_s=1&sid=1658417428&sct=1&seg=0&dl=https%3A%2F%2Fwww.craiyon.com%2F&dt=Craiyon%2C%20formerly%20DALL-E%20mini&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7EXMWJ4JZ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 104ms
40ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7EXMWJ4JZ4&cid=253240124.1658417428&gtm=2oe7i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7EXMWJ4JZ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 83ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-232341591-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7EXMWJ4JZ4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a6a7642e2b27f6b563bf2f1018d7298ba409477be78880368d78c4f370b9b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42133
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:30:28 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 112ms
49ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7EXMWJ4JZ4&cid=253240124.1658417428&gtm=2oe7i0&aip=1&z=1728168129

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __error.svelte-226d59f2.js Show response
www.craiyon.com/_app/immutable/pages/ 3 KB
2 KB 38ms
35ms Script
application/javascript 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/_app/immutable/pages/__error.svelte-226d59f2.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/_app/immutable/start-74dbb702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8b2dc19720cb0dd5baec5b4d103939c37e5a08ec2b8401bc54c543d28c6f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.craiyon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220
cf-polished: origSize=2746
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"18bae9bf938cc3252b9874affe6c54a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrbdeoJEhL4vPKSPj7pDpSwni6uswW18ydc%2FSOVygyxsUO2k5ZJtO67NkpVgbCZACzqnWzfEVhyEtufCb2slHUXQhprZX9342O4f50NMtNP4jIbrxaBRoZ4Mk1eAQKgXu%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 72e4fa5f0b6092b7-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 87ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232341591-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1708
date: Thu, 21 Jul 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 17:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 77ms
30ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=149143219&t=pageview&_s=1&dl=https%3A%2F%2Fwww.craiyon.com%2F&ul=en-us&de=UTF-8&dt=Craiyon%2C%20formerly%20DALL-E%20mini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=225543020&gjid=1318698726&cid=253240124.1658417428&tid=UA-232341591-1&_gid=1054622783.1658417429&_r=1&gtm=2ou7i0&z=1205483404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
www.craiyon.com/cdn-cgi/ 0
190 B 25ms
24ms XHR
text/plain 2606:4700:20::681a:ae5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.craiyon.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Thu, 21 Jul 2022 15:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.craiyon.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 72e4fa60aecf92b7-FRA
vary: Origin

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 93ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

e81bfeff96644ad08801985152088086c7b8a63b9b9cb935d80f0dd2eae18557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28352
x-xss-protection: 0
server: sffe
etag: "1279 / 848 of 1000 / last-modified: 1658401714"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Jul 2022 15:30:29 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 307ms
122ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9e64760d7802c3b98152c8ba9ea87a2ffc111897a2d9e0f109766a4d36bb52e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-1182c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71724
expires: Thu, 21 Jul 2022 16:30:29 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 124ms
41ms Script
application/x-javascript 54.192.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-99-67.arn1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 36471
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Thu, 21 Jul 2022 05:53:05 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: ARN1-C1
content-type: application/x-javascript
x-amz-cf-id: DEk8PwgmxpJz2FQ6RB_AXufLMjRKb1k9fDb9kinyodv-62L5SFIwPg==

GET
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 57 B
0 64ms
20ms Fetch
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:29 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 021fafe8-a539-480b-81c9-429cd73e8ddd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 57
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 21 KB
8 KB 222ms
89ms Script
application/javascript 54.192.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-99-123.arn1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: zJnj9IdW5bQWUqea2aMpKS.72qNKKrMo
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 06:40:58 GMT
server: AmazonS3
age: 46296
etag: W/"ca34304b059a43ff8e7d8cd71f2c58c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 05c02ade53b3395a9e9f2e8f66c7e4d0.cloudfront.net (CloudFront)
date: Thu, 21 Jul 2022 02:40:03 GMT
x-amz-cf-pop: ARN1-C1
x-amz-request-id: RKYW5SSD4B92JH4A
x-amz-cf-id: x_tjeFTeOv7rxKK1f5lfAariOyHf178swbIbvNyshP9248d3IS4uyw==
x-amz-id-2: iTFfhKlkG/ffTi7fvk4/LlJoyVCLVpDheAfcnLrpqULo7uQ7+P+m+nmjrn6Te4n8mHBYWeA0GHw=

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 118 KB
41 KB 92ms
33ms Script
application/javascript 2600:9000:2250:fe00:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fe00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1939ab11a008bffd50d8ba6c1ebcb7f6d2c397c5d1754de106933d414b5a3840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:18 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 15:28:16 GMT
server: AmazonS3
age: 12
etag: W/"aeeaaa374ab4120bd3f2effd8810208b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: F9L4QGNUwgu5ZMAczpTokdSc9DzosoTxS_fG8g5J-EcSyqPVkj0i4g==

GET
H3 200 pubads_impl_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 72ms
24ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131644
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Jul 2023 10:51:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 187 B
142 B 84ms
34ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.craiyon.com

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0a309a80d394c9710e00faab70c292548c4a9cd29383d7618456509fa40b0882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:30:29 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 86ms
30ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 01:05:00 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront), 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
age: 51929
x-amzn-requestid: 5649586b-a40a-4380-8bbb-f1d4d9a25853
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d8a63c-530d257a3bf5670b502d9861;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1, FRA60-P3
x-amz-apigw-id: Vl7pbEq9joEFSKA=
content-length: 30
x-amz-cf-id: RXIV-EmmCw0XbJMWn5l0KxJgR7KbFqj2zljMAXMD4uOgJGgxfJ6wfg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 156ms
111ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 167ms
112ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.craiyon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 21 Jul 2022 15:30:29 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 424ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.craiyon.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 418ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.craiyon.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
34 KB 336ms
335ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904887552514535&correlator=146278511454125&eid=31068457%2C31068502&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&iu_parts=21726375739%3A22768758422%2CVM_62c7fce5d6ae9f14ce28faa4&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=196815244&sfv=1-0-38&ecs=20220721&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658417429474&lmt=1658417429&dlt=1658417427646&idt=1783&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.craiyon.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=253240124.1658417428&ga_sid=1658417429&ga_hid=149143219&ga_fc=true

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c9eb739c71d5b440acf62f41ce9daa84fc260711d9a1bfec6c0176bc6167b6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34660
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 407ms
39ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071801&st=env

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5deced519f325874cb3fc94deae7bc0176c606ef9a1f2583cb3c28ab095c9e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10969
x-xss-protection: 0

GET
H2 200 container.html Show response
5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2983 6 KB
4 KB 122ms
31ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:29 GMT
expires: Fri, 21 Jul 2023 15:30:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 29ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022071801.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

31d3f736f8310c4b46d9254b1732d63335b310c1010a297d385275a330088bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13565
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Jul 2023 09:11:23 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
939 B 376ms
31ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1132236
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1O02AHF%2F06E%2B1CixD0gqoXqwBWB2yHR7EccyJckkxrclsYyy4fIMNGarBLsgaWZshUCMfLtd72Eh0RCT1bYwzr%2BneTYCFKQcdWa4hPOjnRwdcPq0plSRqbceuIlGLsMcatE38do7ZOX%2FCkM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 72e4fa68aa969001-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 151ms
107ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

112ba58942b5ad66722fb6a34c7f9186fd97f1eb1744c8ebac3f88269a517dae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:29 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9171615f-4260-4cbe-a1a5-7cb9f6e0afb0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 725ms
274ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 9 KB
5 KB 195ms
150ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

272baa20add9a849ff6f3ef3c259c7122a403d57589daad354e5db1fbcc5e9d8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 Jul 2022 15:30:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bd0d5177-2ce9-4647-84ef-e32e099755f9
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 461ms
123ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160036&zone_id=767290&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!venatus.com,62c7fce5d6ae9f14ce28faa4,1,,,&eid_pubcid.org=2214bc1f-8217-44de-9294-cd835dfdeb67%5E1&rf=https%3A%2F%2Fwww.craiyon.com%2F&tk_flint=pbjs_lite_v6.28.0&x_source.tid=1c92d054-adfd-49e4-93ae-cff5fe70ea32&l_pb_bid_id=10bd994c621a9f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24168621841328597
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6d9d91990f54994af7c1ffd9bf512d2cce0edf8de21780e2bd44921da7cdfd45

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:29 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
848 B 387ms
47ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221221ee1e7bc8c9a%22%3A%225c3986d1c2b45d45777d%7C970x250%2C970x90%2C728x90%22%7D&ref=https%3A%2F%2Fwww.craiyon.com%2F&s=27ac5d4c-10e7-4af3-b903-82344d4be6b7&pv=ca29a14e-2c22-463c-99fb-7cd3873395ba&vp=desktop&lib_name=prebid&lib_v=6.28.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262c7fce5d6ae9f14ce28faa4%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%222214bc1f-8217-44de-9294-cd835dfdeb67%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222214bc1f-8217-44de-9294-cd835dfdeb67%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

70443017240b034e46ed9559c83dee0ba2a14c92b4a4b5752bd39c50ce598a57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:29 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
277 B 408ms
96ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:29 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 67
vary: origin, Accept-Encoding

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 402ms
94ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 52b28d404d91d345dcc919d0cb679ea11f9e9a6a93b565787b6c0df71c004da0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 354ms
45ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.28.0&cb=84455675839

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
351 B 421ms
114ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b9JMAGD-Kr6ykYaKkGJozW
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 54703d809fdcf3b2ba1e5a8da44783c9c4acbe231dd858d3d4b2017a5c366f68

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 pb Show response
ad.360yield.com/ 0
169 B 345ms
47ms XHR
text/plain 46.137.141.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.141.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-141-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:29 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2

200

/ Show response
mydmp.exelator.com/on-site-tag-load/
Redirect Chain

https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1

1 KB
2 KB

40ms
40ms

XHR
application/x-javascript

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 5c4aeeed716fd4ab49ff01d437362c102d922b9f91e74bacd30a95bbbd644ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

Redirect headers

date: Thu, 21 Jul 2022 15:30:29 GMT
server: nginx
x-powered-by: Undertow/1
location: https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif;charset=UTF-8

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9706.tBHjHisSEWoimafowvEd4L2i06sNCuzjhw-v3UWgc_Rcx9l154XzIsPHUXuFcpfu.MgNfcBRHoiNnFmXov1_c__jgHJ8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9706.nQ6fS7BtXvNNWqMtToa0DpU7df6IEkRpps-E2ZyVi_mtyC9mCosCL7wmtUqob9DMzUtNVSdRWe1nVTXoDYQnKg%2C%2C.XHDoeWQ22e8HEze9XxX68c7Vbc0%2C

75 B
75 B

64ms
64ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9706.nQ6fS7BtXvNNWqMtToa0DpU7df6IEkRpps-E2ZyVi_mtyC9mCosCL7wmtUqob9DMzUtNVSdRWe1nVTXoDYQnKg%2C%2C.XHDoeWQ22e8HEze9XxX68c7Vbc0%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9706.nQ6fS7BtXvNNWqMtToa0DpU7df6IEkRpps-E2ZyVi_mtyC9mCosCL7wmtUqob9DMzUtNVSdRWe1nVTXoDYQnKg%2C%2C.XHDoeWQ22e8HEze9XxX68c7Vbc0%2C
date: Thu, 21 Jul 2022 15:30:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
111 B 62ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Jul 2022 16:30:29 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/89464952/
Redirect Chain

https://mc.yandex.com/watch/89464952?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agd...
https://mc.yandex.com/watch/89464952/1?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3A...

338 B
420 B

62ms
61ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/89464952/1?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A251164998406%3Ahid%3A605009768%3Az%3A0%3Ai%3A20220721153029%3Aet%3A1658417430%3Ac%3A1%3Arn%3A553973017%3Arqn%3A1%3Au%3A1658417430582189647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658417427505%3Ads%3A10%2C55%2C67%2C2%2C%2C0%2C%2C660%2C0%2C1059%2C1059%2C0%2C892%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658417430%3At%3ACraiyon%2C%20formerly%20DALL-E%20mini&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

84b9ab5916dbea0e9dd1c7cb07cc6e72edec3e93d36b1b14475208ba0f5e4576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 21-Jul-2022 15:30:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 21-Jul-2022 15:30:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:29 GMT
last-modified: Thu, 21-Jul-2022 15:30:29 GMT
location: /watch/89464952/1?wmode=7&page-url=https%3A%2F%2Fwww.craiyon.com%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A526%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A251164998406%3Ahid%3A605009768%3Az%3A0%3Ai%3A20220721153029%3Aet%3A1658417430%3Ac%3A1%3Arn%3A553973017%3Arqn%3A1%3Au%3A1658417430582189647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658417427505%3Ads%3A10%2C55%2C67%2C2%2C%2C0%2C%2C660%2C0%2C1059%2C1059%2C0%2C892%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658417430%3At%3ACraiyon%2C%20formerly%20DALL-E%20mini&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.craiyon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 21-Jul-2022 15:30:29 GMT

GET
H2 200 container.html Show response
5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA1B 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:29 GMT
expires: Fri, 21 Jul 2023 15:30:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 106ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:30 GMT

POST
H2 200 log
onsite-tag-logs.apps.nielsen.com/ 0
264 B 407ms
124ms Ping
application/octet-stream 44.196.105.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite-tag-logs.apps.nielsen.com/log
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.105.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-105-178.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
server: nginx/1.16.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 sync
sync.teads.tv/ex/ 2 B
162 B 149ms
45ms Image
text/plain 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 21 Jul 2022 15:30:30 GMT
server: akka-http/10.2.7
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 160ms
50ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&;ttd_tpi=1&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q&
https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESELBw8iKZ0dnX64ZpMe4F6Xw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q&

170 B
188 B

74ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q&

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:30:30 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=NzNlZTJkNTI2YjYzMzY3NDFhYzBmYWY0NWY4ZTZhN2Q&
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
https://loadm.exelator.com/load/?p=204&g=013&bi=6605175168084564116&j=0

0
1 KB

85ms
24ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=013&bi=6605175168084564116&j=0
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:29 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3af3b8e0-cdc7-40d7-882c-0e44ed0e4306
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://loadm.exelator.com/load/?p=204&g=013&bi=6605175168084564116&j=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 195ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=73ee2d526b6336741ac0faf45f8e6a7d&p_id=28539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 106
date: Thu, 21 Jul 2022 15:30:29 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f7fc79c64d27e2d1a35ac30578733b721106ce988d2e6673b84e217be4ec591c
content-length: 43

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
312 B 51ms
51ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.28.0&cb=79240199361

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ 87 B
126 B 169ms
118ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b9JMAGD-Kr6ykYaKkGJozW
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 607350c04fd978469d932bca76140d588294bb3103e9240115b2cc127ffe06d6

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H3 200 hb Show response
ssc.33across.com/api/v1/ 87 B
126 B 168ms
118ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b9JMAGD-Kr6ykYaKkGJozW
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 607350c04fd978469d932bca76140d588294bb3103e9240115b2cc127ffe06d6

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 pb Show response
ad.360yield.com/ 0
168 B 46ms
45ms XHR
text/plain 46.137.141.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.141.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-141-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:30 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 pb Show response
ad.360yield.com/ 0
168 B 46ms
46ms XHR
text/plain 46.137.141.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.141.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-141-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:30 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
695 B 108ms
105ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160036&zone_id=767290&size_id=9&rp_schain=1.0,1!venatus.com,62c7fce5d6ae9f14ce28faa4,1,,,&eid_pubcid.org=2214bc1f-8217-44de-9294-cd835dfdeb67%5E1&rf=https%3A%2F%2Fwww.craiyon.com%2F&tk_flint=pbjs_lite_v6.28.0&x_source.tid=98b11b86-3c6d-4c0b-8f57-756e6c8e115f&l_pb_bid_id=35f1c327b229c11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4313586441327313
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6b01967283729d1eb539109dcb67a83fe8aa5e6ff6f844202b52f9eb7186f353

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
695 B 222ms
154ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160036&zone_id=767290&size_id=9&rp_schain=1.0,1!venatus.com,62c7fce5d6ae9f14ce28faa4,1,,,&eid_pubcid.org=2214bc1f-8217-44de-9294-cd835dfdeb67%5E1&rf=https%3A%2F%2Fwww.craiyon.com%2F&tk_flint=pbjs_lite_v6.28.0&x_source.tid=be84c023-1c64-4a83-8de2-41f0e33697db&l_pb_bid_id=366d43dfbe6ccb1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.003308719275090688
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f6f2f035829a80f0f5091e010ccbca305f6cac9baa6f78ea47050534a23ade64

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 93ms
91ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:29 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 61
vary: origin, Accept-Encoding

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 116 B
667 B 49ms
48ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224177d77dce46966%22%3A%225c3986d1c2b45d45777d%7C160x600%22%2C%2242096e922d6b5fe%22%3A%225c3986d1c2b45d45777d%7C160x600%22%7D&ref=https%3A%2F%2Fwww.craiyon.com%2F&s=cd533a0e-8bca-4c57-a3d7-383b52600eb5&pv=ca29a14e-2c22-463c-99fb-7cd3873395ba&vp=desktop&lib_name=prebid&lib_v=6.28.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262c7fce5d6ae9f14ce28faa4%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%222214bc1f-8217-44de-9294-cd835dfdeb67%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222214bc1f-8217-44de-9294-cd835dfdeb67%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

6083b89f281e28a284b0fdcaadbcd289c4cac69e05ff7be10d2f164b3f9b1157

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 141
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 29 KB
9 KB 335ms
335ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a76f139069a8ed8d88c75f7f99974478c27ca15ae94dc1234f1ffee67523be5d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8d3be55c-aeb1-4617-bec4-e2c39916e38a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.craiyon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 168ms
96ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 237ms
68ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:29 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ 16 B
165 B 164ms
45ms XHR
application/json 54.170.63.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.63.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-63-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:30 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 81ms
32ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513027
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx91b08c04658e4f9ba057b-0062d19cab
x-amz-id-2: tx91b08c04658e4f9ba057b-0062d19cab
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wpTlxyDs5Ze0EjKtF483%2Fp7NT12AHqMxuji%2F6Ie%2Fhr5iooMYPMIx%2F9ZZleQLPTN5L45p7gOgfY5VW2oK0Wr16K60RrqM4kxco2HnWlRy48%2BOcchX2ETcfpYCy751ixI%2FCNGpYod1qBSbGEe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 72e4fa6a4dd29004-FRA
access-control-allow-headers: Authorization

GET
H2 200 css2
fonts.googleapis.com/ Frame CA1B 4 KB
1 KB 92ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 15:11:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 15:30:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CCCD 8 KB
966 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 15:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 15:30:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame CCCD 2 KB
902 B 88ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:26:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame CCCD 21 KB
9 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:22:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame CCCD 3 KB
1 KB 86ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:18:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCCD 137 KB
43 KB 96ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame CCCD 17 KB
7 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:22:44 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame CCCD 30 KB
13 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 21:51:08 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame CA1B 19 KB
8 KB 73ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:02:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA1B 205 B
518 B 73ms
26ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:27:30 GMT
x-content-type-options: nosniff
age: 7380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jul 2023 13:27:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA1B 604 B
693 B 72ms
27ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:27:10 GMT
x-content-type-options: nosniff
age: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jul 2023 15:27:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B06E 13 KB
5 KB 40ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:04:13 GMT
expires: Fri, 21 Jul 2023 13:04:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F60 783 B
1 KB 94ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00ff5280d2f74d2f07582c57906d940a065eb692ae0dd93680b86269eb0887d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AkNlBw0fQ_OW0tN7J7Pwcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-AkNlBw0fQ_OW0tN7J7Pwcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:30 GMT
expires: Thu, 21 Jul 2022 15:30:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BB9 143 B
426 B 74ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:10:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame B06E 36 KB
14 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 106ms
57ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.craiyon.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 101ms
54ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.craiyon.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 371ms
371ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904887552514535&correlator=2637247482113386&eid=31068457%2C31068502&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22768758422%2CVM_62c7fce5d6ae9f14ce28faa4%2CVM_62d192d4df7531678aa1175c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=2537007649&sfv=1-0-38&ecs=20220721&fsapi=false&prev_scp=hb_pb%3D0.04%26hb_adid%3D62d192d4df7531678aa1175c-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D06171d5e-v6.28.0_fr%26pg_ld_id%3De2df8da4fff954d8ed2616ff255ffe09%26mo%3Dscan%26ac_id%3D62c7fbddd6ae9f14ce28faa1%26si_id%3D62c7fce5d6ae9f14ce28faa4%26pl_id%3D62d192d4df7531678aa1175c%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-07-21%252007%253A28%253A39%26ta_si%3D728x90%26rt_sh%3D0.65%26di_sh%3D0.65%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie=ID%3D3479a71c1e7594ec-22aba698d6cd00dc%3AT%3D1658417429%3AS%3DALNI_MbuX2K9BzmNIQLIq3JByLFBLkgCRQ&abxe=1&dt=1658417430291&lmt=1658417430&dlt=1658417427646&idt=1783&adxs=436&adys=98&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.craiyon.com%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&rtgs=1&max_w=970&max_h=250&min_w=728&min_h=90&ga_vid=253240124.1658417428&ga_sid=1658417429&ga_hid=149143219&ga_fc=true

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb1337be39aec9a4a20a936dd9c3d536ef127b8b44c5be87619aba23a18d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12412
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
15 KB 377ms
376ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904887552514535&correlator=2060267757096793&eid=31068457%2C31068502&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22768758422%2CVM_62c7fce5d6ae9f14ce28faa4%2CVM_62d68b2e22cd1519a5097cc4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&adks=3040571525&sfv=1-0-38&ecs=20220721&fsapi=false&prev_scp=hb_pb%3D0.07%26hb_adid%3D62d68b2e22cd1519a5097cc4-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D06171d5e-v6.28.0_fr%26pg_ld_id%3De2df8da4fff954d8ed2616ff255ffe09%26mo%3Dscan%26ac_id%3D62c7fbddd6ae9f14ce28faa1%26si_id%3D62c7fce5d6ae9f14ce28faa4%26pl_id%3D62d68b2e22cd1519a5097cc4%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-07-21%252007%253A28%253A39%26ta_si%3D300x250%26rt_sh%3D0.65%26di_sh%3D0.65%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26st_ty%3Dvert&eri=1&sc=1&cookie=ID%3D3479a71c1e7594ec-22aba698d6cd00dc%3AT%3D1658417429%3AS%3DALNI_MbuX2K9BzmNIQLIq3JByLFBLkgCRQ&abxe=1&dt=1658417430407&lmt=1658417430&dlt=1658417427646&idt=1783&adxs=100&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.craiyon.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&rtgs=1&max_w=160&max_h=600&min_w=160&min_h=600&ga_vid=253240124.1658417428&ga_sid=1658417429&ga_hid=149143219&ga_fc=true

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8bd2b69e1a76b5a131defdd08e456f082a67e960779cfde9f7d2b36d31cdf5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14842
x-xss-protection: 0
google-lineitem-id: 6031079515
pragma: no-cache
server: cafe
google-creative-id: 601645929991
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
15 KB 343ms
343ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3904887552514535&correlator=2036046457017595&eid=31068457%2C31068502&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22768758422%2CVM_62c7fce5d6ae9f14ce28faa4%2CVM_62d68b2e22cd1519a5097cc4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=4&adks=3040571524&sfv=1-0-38&ecs=20220721&fsapi=false&prev_scp=hb_pb%3D0.06%26hb_adid%3D62d68b2e22cd1519a5097cc4-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3D06171d5e-v6.28.0_fr%26pg_ld_id%3De2df8da4fff954d8ed2616ff255ffe09%26mo%3Dscan%26ac_id%3D62c7fbddd6ae9f14ce28faa1%26si_id%3D62c7fce5d6ae9f14ce28faa4%26pl_id%3D62d68b2e22cd1519a5097cc4%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-07-21%252007%253A28%253A39%26ta_si%3D300x250%26rt_sh%3D0.65%26di_sh%3D0.65%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26st_ty%3Dvert&eri=1&sc=1&cookie=ID%3D3479a71c1e7594ec-22aba698d6cd00dc%3AT%3D1658417429%3AS%3DALNI_MbuX2K9BzmNIQLIq3JByLFBLkgCRQ&abxe=1&dt=1658417430410&lmt=1658417430&dlt=1658417427646&idt=1783&adxs=1340&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.craiyon.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&rtgs=1&max_w=160&max_h=600&min_w=160&min_h=600&ga_vid=253240124.1658417428&ga_sid=1658417429&ga_hid=149143219&ga_fc=true

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ad0e24c4a9ac1c60bf0100cf4162bf43d530628862b1ec268312406127986681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14915
x-xss-protection: 0
google-lineitem-id: 6031079515
pragma: no-cache
server: cafe
google-creative-id: 601645929991
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B06E 0
9 B 22ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3llIRQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F60 0
0 87ms
86ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071801&jk=3904887552514535&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

141ms
92ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:30:30 GMT
expires: Thu, 21 Jul 2022 15:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:30:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DD6 6 KB
3 KB 67ms
23ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:29 GMT
expires: Fri, 21 Jul 2023 15:30:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A499 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:29 GMT
expires: Fri, 21 Jul 2023 15:30:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CC08 624 B
297 B 35ms
35ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLzdiswBMAE&v=APEucNUSi6lgSuYnFUWIhI8QCNyopQUuDJIkldnDi4G2z2H_dkVt440-3vCH6xx4ZSkO_y09hrfsz3D1P2bt87r5SulXGeGNydHx8iywoGUpKnsvwnFlM7pDKZtSoNgNFh1w7652qUfeIvamHHHS6LqV6TAE-afnYT0Fms-Oo2_QosGH14ss-EwINXUHtfUBzY8AjuFcXMeRwND3_17ZHffRFNSI3DSaPw

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0DD6 14 KB
11 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUWK6_xV5OWD0GjNjsxbYbp4-wrUvBFS9aSxgJ-B1WsXGtt_Lys_inR2G9elOD6IK6E49g87ko-vyQqo8ASC-Fh4py4Z_uvvbBoraDeWEiJV8QYjjVVoqP_QTyR2nu0bMi5MRUbk9w0JcVWFDRMx1VNUh-sA&cry=1&dbm_d=AKAmf-Bxd-ZvrZ-c_LQ1yYA5KbD024HrVHDIDEvycSEWgW2CZ9ysibQtE8C-bpT614hXUXi3ock-GkZHVnEu9TP6zDzHGe7p6cD0gC_g-pNMRMUC-tFz9Jk_j-jSpan3ig3rzsnnY6COr0mz2YCqBlzNkChDxlK59RcBzonJeqmeE_-MmBZRgegILEI2XwM_LwbU6yVXewg7RWg1HW0eHsb9QRrgrjVLxm-VTJS7o4Wd5P1UmiTUdM5J_mSmn3nIKVGM-7bzpv5zy2HdZmAnEGbmfYZSBJw6rEIftvdUdn_YJpLh2s2zeunILUM61G3jeu3TLKaJVmV_uNyc83OF9QMOVvpBg8wNDhrcxYJEVS2mDGFRvfeCZ3-vYehnya88dnWFOOYVh6PfLG_cjHr9RWk_axUzAMCimOkajMtPuHiTZa5wdzlGWhSx5Xd91t_98HBWD5EYSftcMci8PPipYRkfj7F9IMBZB2CZ8Em7Cx68ZeJkstMgzARmgwOXvLrS45SyaCJf4YySp4AFcCgltQvo5ehTTXCOtcNXyqUaSse8IHuQQs7bLxpFIH2Q_p-gxYLKN1PnNI1eEwyDQa7a6saMMWRP_ojxNDpUa5T3wgCXooDt2ipcwEhAa0SsFh20WiqgMU43YbjCed8-xYNqVex7Wd5u0Z-_EiNvO2-gp8d6xR_0CFvmEx2OxuxPnwbpxK3tllApSVlFnOryEFgDyd97HJYcGWLvPoqKHJ56QcXbvBQRJY3gphN4m8V1I7s5W-S0ROstt1TqfQC8wKj27C05DBTvoflWJ3HKt6vVr7B4r4dTlERfs6FTUlRlr-FlXW_Snag6K7jFffgid8QB7lioQrR9I-3TJQnANLX0mFPfEJ_8j5oPwBZHXbvl0TGx51QcUTSt-q_6xpbtWo5AvkEWeVUw4cQtv5WbpVtSKUGSA6iUwHMyaVryZVn-OQThci-hSViN6Wcksznsq9eNfV5duFzw-K3w-cBktwAtSMJW1RRnjQtEep7AxzfCNuhRo3cxYt4K9IMBrhfbn9gBcP0RbYWQfUeYYErhExT9kyknQaVs8lwNI6Dhdk_5xXP6SuJk7k1UEyCsYHX989aTTQoax_S6MYdOb2vT8cK2OEBjYwcf8iwA5JbroZeKXZHvalHsbtG0eYmMhGZRmDTZdPEbCkSYUpH8kDp8Wac-__iYRx07cf3LkcxKj9qftgolrGoqEW-BQel91ZLU3WkYm8PWmGvfQlQRv4e3DAxLrcKxDLUqzGZFKw-Kd3KBRHRpDBnSyIP4imkx8fAGdyNWgxx50Yc_EHLa5m3FOihnvpLEpxA8QRpHBIjycnRXmDVVvG8GfZI5GqyqEwja1nXfZQLYeoF85AHZsEZmNJ7BHzKurH6lhHXrcOi9_UiLNKUSM2vxdQcZ3sN9UDBfiIu35WuJsPU8g3kqWi0hC1icU7ueB7u5nx4Pad93Tt7clFV_UxeSHM6u3KlciuRQVnirKdHUCy5_Acnse_nNmsmI2X8zfBR7ssGmvzXCtmT30FLp9YSEOlqKUUKZ6wxdD2VLZiOUI5jC7NuMW0kALETym8Z8BsPVlPYgzBDh3NHItD183Ktw2Vh14pqGmG4Wy9Y-lUuH6T-q6TBWTJSjXWqaaPhsi9Qj8IxKP7EXmQIfYkWED2wtRIY_X4w-ByGTiHs2xC6jLvrnODCP8xWnC11GHDIctVe-IvU4LFsx9yJ5xfIciFGnrdnuyCQos85oVoZugmYomurJc7HpE94kRqK5Y36X5R4WwH7SrUSo2bHR9GSuTlbqJQINfljH1vpwrv7oI2BmryHErpVmC_5ta7a5W0xXKeBMMjHH8L3sIfIPzpTnSisRfKxcJofiZlNC7WR3rBbKpVWqIDMaCn4-xhf01o3O0xgHKOIyqa2Jlm3u9bjTX3LZ_gXuH_l2P2uy-0be481NuF5oQGo4fmveOVKda3ORBvCC8ZN4LPh3Ljqu6_Rg7OMEmZXMUDKPju1dZOhP6BWQVxw7WWQ07ZEybuBpf37TeizAjtpYYDuBve6bD9DlvKCnXAhaB6JZ1A5ODp14Tg5YfEEIceOHQHbz2TjR71dthmIJuADZvI8tToD_s78T4yD0vsUA0YGcUTKCHULfhay-StRHeWoliktIPKltjdo83Cgqs8NR-3WUEeYbnN9L-xhzqLv60ZiugqN1VQzQvPr6b5q9EisLrzdjm65K7MDNOByHiK-0X4qLnxqiiZ1CLtho5TNkXZOiJEQwyLHNtf_B4qjZz_YxBVztXkss9r949p6iNDqvR2SRQIcZLIHY_-mfBIH3V4KMl5zsikh8ZoccYYA6mE1ahQXyGw2WzSzFb10pRgP05lv9iAmRSKd3ZkkjUAq8thqUOj5GHyCy7roe5EVB39U8sr_RJ_cup0bqgC2v11LrFnWpLTJlXuBkbzNYXKHo9U-niUCzBE6VQenjTNoccaiMicxB_AbBKY4r282MsRB1qllXIkFaUF7V4jL-MUKQ8iQFSZn-LL1KTRdCvBcSgkP0Oci7wVJ9mTrRQsSOOIarR2L0mzFFGdN8YgQarO4BVxGAdV9CXEdgc83uJElf9X6VJLKRJglafBhQyaDpEofyPKEAAQ78MKsCZ_M9nyLt7oGg0m_kxfNAc2Ed2TeMCS9VFp29wd5_YMiiG5ccdb1mA-rLHLuaJzXK5SVXa5YFAwFDkTrs_NvEgsLYSPFy5T-ReXV6QTAMum5kikZduczloFhI56YRHu0t7ordMn3jzB0zX90uP7cGBciveU5iXBvEnWaFmJYGPdySsxcfHM7vg34AubQwqQqQiQ8fhmE8Jfn1a9ZiQUEiE8RmfEVnvgW3102jP2VFHcon25iCRjuRlLuP4rr-fbY_vsAr0CIcc7Jlg56eBMeamqyBxQEJKOK5onmCXENz-oeqJDtHkK1u-urIs5cD_Hp75bCW5e4N0_r0LxCh_nK9CpL2rNSKeyCWhLZJzOhlYgRHL4ZQZWEiILYa-2j7sd_FJZECI2tnSt8oD3tErJoPpty7PybMRWRM1l4Rr137GRlkrRrHFNDOhJ-pEfBVqaH5Pyyl1ZRjcQrbxjBHEXsxgIIv2Itd-9sBKw&cid=CAASJORoNTCmLtYEKuvDbNnX7ql4eTp-FqUCfRttCm1ZXu-cmQzt8A&rfl=1%2Chttps%253A%252F%252Fwww.craiyon.com%252F%240

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

267ef2031e101edcfcaf0355146089133ae212da2dd03a72b6d62753bdefb731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10970
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DD6 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdM9FVGyr4j0mUMNp3iMvZA9a2vAf7z8Snnvm2ZJKlRP3lgkiTaHCp63prp8frrwfaXCfmNZmuyT5EvTemNSzPrW27mfffd0ygwgp6Uv1htR5240o

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 0DD6 2 KB
1 KB 91ms
21ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6566048&sid=18330&dvregion=0&unit=970x250
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 0DD6 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:18:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 0DD6 17 KB
7 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:22:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0DD6 0
0 31ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR77V3JCzhHrb3cFqNBSAbZ8XO_E0u0MdZxbX0qkStUy24zZR79uQVqiO7uF_EAaZz_PlvWvHSsVsofkCMk1iu24XYCdg
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DD6 137 KB
42 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3 200 container.html Show response
5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E97D 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:29 GMT
expires: Fri, 21 Jul 2023 15:30:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CC08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1&C=1

43 B
909 B

80ms
50ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLzdiswBMAE&v=APEucNUSi6lgSuYnFUWIhI8QCNyopQUuDJIkldnDi4G2z2H_dkVt440-3vCH6xx4ZSkO_y09hrfsz3D1P2bt87r5SulXGeGNydHx8iywoGUpKnsvwnFlM7pDKZtSoNgNFh1w7652qUfeIvamHHHS6LqV6TAE-afnYT0Fms-Oo2_QosGH14ss-EwINXUHtfUBzY8AjuFcXMeRwND3_17ZHffRFNSI3DSaPw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4fa701cb7bb9e-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDudhv18W1XVu3%2BpRjtdmq5ZgLqrNtznKovKA%2BhGvAAw%2F1feqffbmNdcevjfimuji%2BVcuaunwIPAywFzZWNEknBhTIPDsQTe4V2QXWOaMxiWw4pIwOV5uXc7Yg0ufG5hlVOSKrPnumZI5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdviM8%2FjxMk26sSgoKWms1eFHi%2BW2JFv3dteaN%2BU%2BYyGOsnKRgxn9CPoXzJ9csrzBj%2BGuaoVfAuNZdtymkQufSD3tot6l2%2BpGmXepi20syORhWTNaJGu0oabpc9qEU7WrukgHHHVfSBGNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1&C=1
cache-control: no-cache
cf-ray: 72e4fa6f9e77693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CC08
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlxF-FK3zJWMIXaa7SCBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1

43 B
912 B

41ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLzdiswBMAE&v=APEucNUSi6lgSuYnFUWIhI8QCNyopQUuDJIkldnDi4G2z2H_dkVt440-3vCH6xx4ZSkO_y09hrfsz3D1P2bt87r5SulXGeGNydHx8iywoGUpKnsvwnFlM7pDKZtSoNgNFh1w7652qUfeIvamHHHS6LqV6TAE-afnYT0Fms-Oo2_QosGH14ss-EwINXUHtfUBzY8AjuFcXMeRwND3_17ZHffRFNSI3DSaPw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4fa712e87bb9e-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urEDpOb%2FW%2BoLYh4DYttdbGtTi%2BX9w5IgwDQ1%2BTWTTbfmtWLSSmkFnbeUQOFyTZ%2FZzqWhWtYSY1ailP91poiuUOe%2FWEa4PTFjEidCyHFcmXcJgoMTvSizdDsdAbpXY9ln7ZPCcFUJZkN7Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKH-YrxswBaSfVKIPe3ZfN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CC08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEEYm9m1_tsL6sL7jJHmF_w&google_cver=1

43 B
1018 B

28ms
24ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEEYm9m1_tsL6sL7jJHmF_w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLzdiswBMAE&v=APEucNUSi6lgSuYnFUWIhI8QCNyopQUuDJIkldnDi4G2z2H_dkVt440-3vCH6xx4ZSkO_y09hrfsz3D1P2bt87r5SulXGeGNydHx8iywoGUpKnsvwnFlM7pDKZtSoNgNFh1w7652qUfeIvamHHHS6LqV6TAE-afnYT0Fms-Oo2_QosGH14ss-EwINXUHtfUBzY8AjuFcXMeRwND3_17ZHffRFNSI3DSaPw

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d70ea34-62ac-45af-ae6e-9ae68d58424a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEEYm9m1_tsL6sL7jJHmF_w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC08
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYwNTE3NTE2ODA4NDU2NDExNg%3D%3D

170 B
188 B

34ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYwNTE3NTE2ODA4NDU2NDExNg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c78f5ae-af6e-470a-a8fd-72151b3af6ae
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYwNTE3NTE2ODA4NDU2NDExNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F54F 640 B
316 B 39ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A499 15 KB
11 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClJBJYcDYn8zsstlNrfwbGQOC_jfM-H3R2HVVVphvhPgOZMrd-wDIYnqZmjgH0GuVdrX9GsLjUivYHlYcuvDTbZYHINGzELP5pQWkyctBPtHul2GSeszcbgFrnwVtMlAGA4nsOsnhuk8gSr3249_uc-OksZw&cry=1&dbm_d=AKAmf-Bx_wMeH67Wm_ParuY3k5REfxzqGZp_b1UaCNxVn6bbNdD0McfrRCOFHNIDAOcYqrWJLLJRAbC73mwiYgDkFvzO9fMrmiuKcm_bOaWMaqHDYgoi9nIs0Y6wDSeiY3ubUta0JHrPKf-la2YTOi8d0XSCUF0J25D7Jfzg4IRNa9Jv_MkYUmlUAQr99y_zGsB604w9iT1yzJnuZtTtvx_3qtDSaRpV_rs9JTT8J13G3rHEuXSeCBoZbQZL29FuSWidAxbtvysGxYZG0J2pBesRE6JZlDh6-aHbKjCnVezMeQWtFtn73BjZGe3WAueK9KgSGsVGp5meHiVXykVIv6Hj2A9utloDjx5m0Mi9T_6jndxQhjBqNvGR6uYluxJtB7vPgKBgSJhXlyXfJRyXKFZEjTa6RORxOYOkocVY1_4iSH2fG6jTNQCe8uOl5Z57QLDVuIEcwXevOcS2SJbPFppvW8GluUvCbF2qxl3g3uxsUdBtL0ko6waBL7p3eQJRs937pDnvqycuF4e6VqwAeQN6oj6yr_rprouieFKdiw8613HsZJEGD-vcF4wY6Eb7YaK9eCBTbUAr8Sy5C-Lrcg8GT7Lbc-8F6jdv5lB_vUYpv6bVTooL8WrPEjZ6PY0S8KBJ5HeT4RpyEqRhym9oiYI5YjMjYqBI9wOaojM4UTHQWzqPQMT_nczRxFj33ZlMZSMEyAoc3cfDBw7Qc-tZS8ESRlTRfpttuwCwx2Y4xmksdAqRrLG-SbX25Li33hFcMI3zqZwHXgYAzxXsmM589rdDavh3U5XV1lzBEPUwIAfpiX7luHUwRKwFFMd23B0WiYXu6SZtVpVC9dWqNfUSffiiV9aSroSDqhBCZ6ehbP3DOZU8jVCf6uSb2JSNHY8KXIEuyc9Fv1xMWDI6hAVggTTawu2lVQ6nm28FjlFnphQ5alURmACS07FYdtfcX8IrNxDj37E5dI46PkeZKMdjNjaDNE59S88KMF4IiLbJwuLSlOc3AigEbPVB9prFtmrS08Rp8ehCevGOlK-c3PfWHSBsTjO_Q4Pcsw5iXrOKMtPzm-V84ysO_IJ9hGxMYWXpcraN6LEflpDXqx914d-DFKtcSydNyx7RqK0wgcLUO-_ZhGSqwHTnqDDxyvjlwSprNpwaxtcetP3miAsICLxoKtLnDDhQAjaoU_yV0YMIn-KoljZs2VdmoM76YtBq6rK7VKNyopd2ER7y4vlE44quZHBEtksT7GD1yPhHpoycV98lDICrSirzwNaTgF1FsXx_2SkCx_mUao8SOQcFrKgutNTHzdU1rZ5naaMvuGk0UznHYkhPkVB5pzeilRGcV0zxGvgO9m_ISpPfEQc9JwRIlJmEzKXbEnJ5yrq2DigvISloojLmJanD4789Yq3fte3kZJurCxq5JKrflMgnz9fcfd62d9NaU-foKxJ-jc0_8LDywC8FRn56-zT-lJCEsiYV8DH5XQAa5eNSufXJEN4ztF1G1DeXsrC4XD4fIkTir5EKZTj7OXyILWWUdx9f3lRsJL843LZ62VcKMZZmZ0yKj_sNywcOzd_Lg3CMysDXVJy3y9Xzcb4bZf43VyAZR7liqoTFs_sDMKNZDGoczptq3ITZFxQeKefKI4UovLUs4cIjAxHAiRFwDx06i4FM64x58gu8iyzqyUepstAmf_L7gzvxQ1D7xkhIhmBuQS7JGHL97qGS3nd7gRFp8maA2vLAaCud92uSTuSqRoW-MiTAzKXbp4YnuBnyxWjHGmrZzMkoKYLBFSBRlMFlfnUQSjTZlsYl5euY81TLHP2P-zFLou6w_xzEISSNV0WvT5pRFzxHlrVHvQXFjmvx-pWPuNmuaa-IxvekQHqsH7gNgatCX1IxcIm0nUcXg2kc1f0KTqVFsnfoPFIPNkFOkQcZgdtwr4iuU9ARbiLsYAyMyHVWxSwaCAGO12OMxYtwgzEq1Kf-_-8ErEP8h0YakterXO-JvGjPw84-_z5qZeP249GN08Wt6omjVYQcyJfHK2ZaLpaf4ffUvOKPEzbdwMvf9lgKxxBjOhcCKDrcO40u4qwjIrsjWeoAQ1slfcw-aCdScwpCr0llCR9L8HsBdCeUvVJlcmVlBdN-oRTztRZQqOpGrtdfDyfwPDUH9CZJ3lLTuTMfCetn4pnPBnGKswE-p_eX2Q7TudO_GklHu_5VdqLM-VsP0y_6buWgMowM0Cg7N3SsO7G0VNcJ_uh4Koq__2pezR3-mvuta1bt5wstfYpWCJtBSzMFTspP9C_utBeG9_Djxv8ZDlkkXZdqpNqHQ7bdRs3YdDRZGfaoEQPg80tjuMnJCLFTE7bud7XFUeoCkKxXE99eGtAbotaNoW70OY9G76Xw18B1mYhA6ehzze2aD7DVbH4Jsm8WZyJHCsFbhbHYFx4oJYfAYd8AlvPlzveqvNzjz0bS_CI6W4UT12k2enR48rHRyHSA5Ey0gg2UdiWo-bEZkMHjMPIqA_yc5fAwo8N8sNuS-LIIIPbpQIJ4VjqqKGwiCqydDzCq5cHcJewR7ACZxz_S6j5_WbA8Z_tBdojAQgssWkGyzSf4DoBrGj1FTv9jRXClRu0hzEmwhmRlyBlYb1S1k_lmeRBYBuI_1XMwHTbGNXCM99CqfN-CLAPn07wa0-yVnsg4otzSQmgHQxS96i02hHDxR_RTaTdLPIpNlARXItSC14qFNAFWDM9nKsUqIUbVWkBe6ihFPvC85sqnY_uGWdTFsdIqp7fGJGprx1TOhd77iIiiBiSkSTbb4MhTpIzi6t2Drw5vrfDHZrrVVlWU0ricIgBowqMYAK87wL3huTo-q9IQ0le1Ozd1hgdf0tYg6zf6DF9lvz_85l9y0vo7AbH1I1zNTdM_gd_HX4gPswRXPm8gKs_fcywIREtWbjcR2X5mHjCCqL-qbCkOEJjriy6bVxyUFFORVoGec1xXmWpr3kDYyL0HtN6fIX2unk4j9lQrZJxTwHJPa_edCbQ_WMln7iWfXdjOVl44SUM6b9QpcerFWsjOrE5z36y0OuBYYsHuWavNei1O815IbImRClK-1Bl3H2Kf2zArs_arbiNmfK0sEa-CtOSdRToAK6eO9uk464Xi5L2-_HV5ThipupM8H1BNmmTeTiiL-HB1gFy0Lwr1Byh3BOFM00XUu0S8HnogiJgyPt-hoNmkMpF5HMR5PiDGKS53BSxuB30MyhnZODfVT0fieUc8z902o8TCa4KdACIb3svh-r5g-XDz_ybshiodpToNOoHNreXcnfQZULdtBG2UGgQbSR8oBZdCp2H2SftgpIiXKuFZeNuHLlUBohPgZjpt0mZm-tnXy6S_8C_v6bApdf_yDeJIMMJF2j2nzjlMDd0Oqfbxo4w9xg9nGB7Y8QT8JLCBs5lLKHDj1gPNUzB1qeefr5VDdgOA3r7c7FUqHLNKxNaLbT6QQExsz5JOE98eJvUxytuli2x4LEaAgRkq4OWzfsuWQNw6RXpGNEPlb_IjuhwRQUBdf9ofjESqtmqvYDC8PhG_oQCoopXbnDZw9eI1W7MUmrCBhNu9og0BHJqjahOVDhTb5_XHA65fNuv7yEKA1WxWrKVZrD-RjwPjid2Bp8vOnLlRUT310nypRBcbKhn4QiAbuUdEE-yAgzF8y9EFC0HY8T1jrHnoiJl4odTMJaPhoq8oWPeSIEyfl3yjFssmBN-cyk8TqtNLXsluueBqYXO1XpYPTQnhaLZonOyE7tyOp4AaqPP-J1v9jbj0N2H1iRmxQiU4eyEO1l5P1ew8EKDjpmb_vM-SjpMS4mBn8EG40ZKR2SOU_e_4Ziqmq2Bz0CrPFsA1uGzLZJIV9RtB-Yn5mrhsHr-jZBIXqICYZuctUcNFO1fZJIyQXjYF3uWgVJwuNdcWjucytV5nlxjjW6vtDwfEgbtFESQPFRwNEcB8mo9u63sfCR0LZcbYChcRb2U3YxhnUT2pMBijO0RR1iP_pIiWZL34UgmyQvpW4t-Z95auzbKrlYkNNL96mDka8WtUt0bjm5XRMBdBJYmZrRyDFSrmRUlmmewjMGSo-hIQPFpaNsPNhtAi2sVmNMV_izdpxfps2xfwNUJfmpQXqUwJJ5Z9_scdIlzECZzyawMjnw0XTmFTgZWit8iapxuq8pImfxyswqI8CE3COn3N0JlwNiPzsOaTPTfU5FWGlTjL-GTJcHmDZxCrOWRrzZd_KZCOJgP5HeE-JI-GdkhTcIYJxNg4Zp7230X0EczShRxMfU8VPeGfecgGeoZIJowsEjxzuOG52tX57oYWXlxdnNcO1Kk1THAghkQsCv0SWB6Cjd3uofUp7zpGu8b5ZI1k0EJVJEL6Huo8HNA6C7tEI-za5XrZfv9IHvaXRzfa5-7wznnadjtO8i88pJwt67Mj8kjF1Hc5PKN-v5hh3yW7Sbonw9gmKs0FRj44OVm6SE2t69VOZrgSdJVPGzpDsRbmo6Fu9OLILEgVUlA36Gx7dHtywgqyQP4-Q7GlVZgvfropWdAYDM98U8VIWJXEV0iKQl6UQhJwbVyS7ZA1udBCDhwgPAn7DBlnN54JiKUb2icjN42K16vsmkriq8ZHA-L3IUh88I7eNHwE2CcPZqKWRxEojR6uhgh4npqJH5wYGkJlRdGTanCFq5h0KNZeP8ds0PET-e_GqHgU7WS_g5u8nyKxcwtabFP8ksnWadjW2mYm-dde9w&cid=CAASJORoOV5FYxxsIlNj9xM-zn0EWrXUIywQMjZdEmE2t_rq6utdDw&rfl=1%2Chttps%253A%252F%252Fwww.craiyon.com%252F%240

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b27f5036ed872b8e1c2f7849a4467326d9cd9525ec81b02e08d2f64f49485b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A499 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AirFAx0X6sN3lJjSovxqyS2awLob4SfimdMRUGZ-2M9Mq1USi0wd7LJgKAGgJDuVI6pVysjc-XScFf4V1Y0WTp5kdM7XARSPpeGSvpR2D-AoALPCQ

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A499 2 KB
1 KB 23ms
22ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6566056&sid=18330&dvregion=0&unit=160x600
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame A499 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:18:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame A499 17 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:22:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A499 0
0 40ms
39ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRx5Z0QUUGSJ54idLDS-xWUXwLrpmpAAwduD8jHfPUwCa9q5C28xOXDype7WMznR6Ihd9_n89zlDyy2oEaA7vzqvTuP_g
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A499 137 KB
42 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DD6 41 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9629 466 B
301 B 42ms
35ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNV3pqleRV-uD12Qz_XocvrL6cWnWIbhy3W_vTpcCaZ_IUm4-Q2952vpiruYbwDGu4wOXuApC4ixvwMOY68z9zH0n1QpiBe0lDOZL1uY-9I8WnMW5aHzkxh8UJ8v3sJQ5IkaT7ReP4aXqPRl2kqkyJpGUw0AcM1S6cxfiLqhq3XRnsFRYRJs5yZ81JdkZ-gsxAEdYp5yMIr42W_P7qV2Z2ufU9dyyw

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E97D 14 KB
11 KB 66ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcNr595TFEQsEzcKgVYTHuUq1lDhpqvVHC8_GxU0RajS6gMS_7WC5aBk8GnniOfQ_1_ZxVImB9GsNQGajbV3is5pOZ8yX_lKSF4ExWM5xMBR0Y_XAqtPTYMSS-6cozmwupMaIumOiEGS6dHYgFOD4kSoi_xQ&cry=1&dbm_d=AKAmf-ACZPAIbyvkCslrnQrcSqr8I6xld3bc37uMRDyfYYGSZSSXR8Gwq08PFBsJeogH4L9nw0DkajB-BWKghhk7vGavRulOFcAIbrw_KS6AR-CYxnInMHW2TCbHC2BBtk4cR2PJN4wXmxDvt41DUhNI9UBEBLz2ZKF9FLTPHPRfY2y6ygshtSwBG-6eMstvqCx2K2fO8HkOzZBpZcBfFLuCkVN0hE_GdDAaP7vtj1SzPiQOdPX0gwwNVQM4BmjRxjtnKB2HzoRw1JwAOWCGdUR8_CR2zWwSTzfkrd8oSpWXBtju5fgJSr_rhj6ykKKggk6RVoO-rwbX6fENmUxc1_6YlsYIJpKiXsNty8vsGRhJ6X9W-TraCO5MAy7DLnf-t5ppjYvZuB8y6rPdXpnixpV3-qxvNwxHTQ-O0SqFUu1ERYa3EG7ZhA5e_lhCqWXTBK1MtahkE4gUXXipDFFkJasonUCBDrBQ80dUdB7oqRWX8Y9tAu8bu98Ydaw9d-W2YVbuqDHtACCMS3laqn21lhcouqYr67WWrVOodxypnI1__9Otl_GIWK5VepiqBL0g59i0yUPYzhvrrlR6M-0z0N4A_0vsrEd4VHVtu0ML7xTEYudQh07sthIs2l7gg9m2z_rio01-hozcxEb1vxSU9U6x5YnppGwqeZk_fOa-U1xZwbxpSPcgI-8BBQZcjYTUO0QhIabOJy9cQnp4_NFtpR7-g6bf-bbLNlE6DfXcKC0wCfp6Y1a1GyyY1T2qVPcJ7JvThT6eJea-PpJxnzxnjlBZTb8sMn51XkaMq0PkktCvq1MHj9xhetgujI-GfXKf5SvRThXoY7wpf8No4SH8FU_YFsm2Nvv0wC6YWHPHXOqISqe9V5Aadbz_HAozHtxwl-WSWQd-us3vS7vkdZOk4qbF38GcMsOVZegCFFzTW6Xo1R-wHt_LOa1R3EhqlNeFwMFVPfph9Th9EA-LezwOfYyZB2TC-GjRkt0IiFtk8jpdcYikTxArUlSSL0du8e0_3advSkZVdvrmChYMg8BSOYvlqWHMylohEzX-lu6fsHvU-Xkwn-YuLlJkeUmDoUnSPiWDeWUn5EPVzrk4gAJLmODuSDy8OjtM_JQzQ3GngBjD-GP98gbvxQGOBm84sszup_m3u7i_xToEcn5xOGHutowwDE8d9VoarlRokj2IadYp0JXuHI7a7eJPtYA9re3BlUV-2U8-9-5a-bavte6o5ckoTr6RYqM6nWy4Mu4nOwR84PD1zip8qQR7e27R0JMGYsDfIpZO6CIs1vfkAZYpInv8GEtws8R8JKrgdkN52r5mXP9M3gtuEEBIqXQg5oFBB1gvxKF5TRq-xipLiPeiZyjfmrG8mXEPAGaeYb-e8yAoFRhEaVQrscXTkGEtvRkJieL4CEFvNh26TBnwdq04A5IAhBxt5k8y_6-PIYAE9vWSAT9l4-QsepXmMkmDDupbKJy3WyrWBVsdph46V1ANn6klNdHpD5CdklBZRWPR8_Fpzp03TLl9sbBCMzIxhl7ynt2DkpmLVtXPEBu9IJg5bpIhHQrmu_QTt2GP_irp0TpI8OZp3jdbVtQLCHOcHoEJnbSLPWWS6sTYY5eVpYLRWGUEed_s9pD4d-hKDfG_0DEa5xiuukQmHaVv5G0b9AYuOk-Q1P5S17-5RxW0EZwHfXjCMEyGLh_ioEx0dtfupb_vhEqyBD3zqHqHj9Z3PkW4k0l7b1ej47RTWGOv7KlHWUExtJ1XlgiqsC5S0UngNGDDHUzAsRIYTc6qNQ42s8bVMVB_p_WkM4oNT0DgiBluH8-h10XrB5ZHjHSmZ1_05A5JheOsQgh7t9IAvmnO5kA2sX7vjE_ja9mYvc20s16FK_MyppDPoZVp-4LCSsIL1zT1o84Sr3qWPUPuJVlXbl06WV5TsTVoO58hUTUlnYE1Ldrq8PvuHshABSgLSMb61AlUy-dU1iEfL-XbnejO_EWNTbRHYFgg1v7tpMkGo4j_jcJC3gGpVYgZJRCVunoZG0zkMzRdS9G1Va_vwMw0uf03t0bRMI-kCt4GF3rSIEpQDoxdOfAHSN_oA_GHpE03lH9eU2jT5QnLMACO6711JET2TmT313_LAkue8dG8K6w0H2He4685pTvRghNYRMv-ZquNpSflq2cMiR4niQSNXAMe62CRRoJmUVqTIGEBeolLQNW4ABV5tilk6nehBkVHG0S6fvbY2-tEETpw10wvwFdFiaezt2DEBekYVmh4iAObWdI-Z3hW4wa5eMNmZz858lB7Si6Wbhl3mFdIhOd0iOIdhZoSTotsWWoQabcbc813irq4Bwm-6-3Fw7ES9RYrRihch-UXZrF9J8d-VapPTEF-FGQzbLOTMOdJkzsRGCGgGnQLCyluC8uasmRPAQzvKcI9eBYVlGVAZ2Si-zhw0lY6uCJm6aoEuTbl3oyYe_8-pFWeYi6ht8gefXzdKQSITIqJ-OT1q87NHFi9TDKLL4H9Qr4LyZmQccI9tToCsncC2Cel4AoD-jqUvpneLusjBrCURDP_DW1biPP2bAd2O8V9Dot0DHuR1J7ovRm54coEaQqERUFAEE17eEXYo0hSLYd12KCg3-qTvBO5gpTKZOOCSYLSSiwMCdTOrUG_lXuNwhDgWAHZ_WiXMXjEUlzb82zAaizhc1x_Z-bwNYmsapVG8r4O2z6Sll6teZJOzH0BsSrI6MV7Womdo5ltFAh7npSdlG9YHeaGtjLXEXnb67Z9zxEA1gb7516t4qetAqY7m2SNrJWvQdDRXROF-biV84gXWUoE6_RLUa9tBCSpvrNomuvOy_hUBFz6Trt6pyIv1Bvtr2A6Rn3y2Z7-lw-OReAs1HiYOP8AAaXfcn_lYPFSZxY1rBFWz0U_RepDyHVW2GsJItqifMRbFBc03wHkalgCYGfeTn6rN2t-ZrpzSKrEg2V9RZ7WitbJU4jB3zVukDL9xqMHcaX3DUNp5zNmRsIxkRuACnSU4qARkPf87tyTkWFL0z1anF_x7D7iBbwV_yCXJo-7B3Zjr_u3QnBZLtcTvxxCIB1bcOr6gn6mLF-8D4HtGvMgNDoqF3sh9YZkin4gLlOaTSMZG7tEsePhphz0UGKYqQcS2fG7u1zWDeq4kYn3NDF9M-bh6Y_BRV4HJ8CsucKl3S_GTZmg8uleVO9mYin7R6cW1nV4qTSiY-ckSueiRNlurm8BeZrh3YyamCu6jmQ2BtTbrjUnfXBe3oTQhvfutpQ3K1S5cgtykkl8bRnIeCzr8cBRkhH2h2BFvYQeFiLawxE-8dMsmwU-DNiNaP0UuVrErvS8Sk4nDjhEnvEweJcT_shLuZnkIBcMvjpmwe9-A7kaROu93Bw0iwSxZgcb4qeQIR-C3ptgoD3q0A_L-Kw8FKjACKbg7JPNs5HvjvERUbQaAg28xG2LhhNIdMR0qFX7cgWVPio23fU1KEtkDv7BB647czFKbSUvYg0RZeve2mpOgl11VGscnn-ZlD8_W5z7mBurXzkMKdg3YYUw9PqabF3Xzv0L_2YMB_Hdk4nMEloIdF7wxKflRisrEsExiSYG5MFMoFcy1X_G8sV4lYE_oJYJ6wz4kSdG4MUHjEPzDMIficN_B4hTEjnQ6u_48jvYuU7vys-4t3yb1x0sohmwvMTw2AcAGqXlbG2nynTnTJU3nTdS8XM_8-e31qsbpw95P99dW-ro-ruJ7faikKj2tYmHZmpFKjk8S7pk3IyJQx421dTdQIbW2gUbI8Qk_l0ddMMMChQSysq1ci4I3GfjNgmZ3Cz17TERmgwFintSMyulc-uv2mTYp0VHT96QKogx4R-nDNWEdsLEQLog-STCcVdjwp8ARHIayg4j65yORhl4sWZD_q-JUKhQP5yF9DzBtIOkcz3PhKuVweaHpcPObLdKFc3Up_Cc2htAFpZNLX1_5d6-T3vQYfmBuHksxZH4qqYQCvLYACxWEB2KGrhbO3pWwvx724YkBy6hVY09nRPNZQSUDGTjikjUtHXlUHyc9QXwnIXwkyPKEZMJ7BlsEG7VymNT6LDNHR1Itefxi5jNGq8jM-NOb8RZbW42sOFUF4DczrRsmwATOAMv3LjoocfJa64oISUvAxQ3N5m02Qg_ue5gico9ivbxRRm0Iy_Us_o8up20IV911KZdyQGVRlcc7sbwuRmqJ_G8p9Ef-7hQfbd5TaqFmTxXmstaGRvda9aRW60hHeuTGLIkwLTIfs4fGHBH4DTxHLpmsSRhz53kd8k0aTwq-_0Q0rzQ6dqYuL0aLizgV268Ehchft52pfpO5LxFLdYHJTwHVxpZIav-hJNcVgyznS0OWx2x7l4ElhXJyMR71eYp9VX7OZEKAxyvfpcPV_73v8mizYe65_mIlAZXCEAg3kbler5aJbsdsWx-ODFnyBKkezO2q6FgzIooEEOA1O4CuaG1X0y-sEGg6HS8HAQIDZngR9RTQaHv6rUELkVxVEG0tJfSkcoMBO3BydVcqyVDU1fbMzhcayGLe_2ulQ-jvEot1yR7lpONHQiSPldl3E1m6gPN2ej2EXEwlGaj_XK1YkI3s6_OpAmMLFP5Hc7aCD7oEDdEhhUnCDiLunbQvzCz-b_tY26eJEZQI5i0v0QzKyDoQZl4gb87YpN3PvRC6KnV45VN06gnRb0_0YTqHRZIP44uLnV95kCM&cid=CAASJORoGZkdopEG_QkqEWMrR4JFu_9pFTz24hiolCpywc60xwAq4A&rfl=1%2Chttps%253A%252F%252Fwww.craiyon.com%252F%240

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d1252e90d53314316a796490d710498ebf87319ae5e1e2866df42f39811e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10948
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 42 B
63 B 60ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNoUiIZ_QR8k10PCES25B73PPHF2mQrbOTyLT3RsCqpgvAw_dR-3xi69smqhCcEl_1quctHefULh5SyCOnTGcni4xAs03N795pd-OaIWtxxpxb3Io

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame E97D 2 KB
1 KB 24ms
22ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184716&plc=6566056&sid=18330&dvregion=0&unit=160x600
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame E97D 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:18:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame E97D 17 KB
7 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:22:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E97D 0
0 32ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6VQZIQmdnD-jEuPP2WodV3Fnwjpeeeqqetwd0QUsyJuMonLPC507dnHMcsEqv5i2KHljwzZWrqlUQX0y_kAX5-d5lAw
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E97D 137 KB
42 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame 0DD6 55 KB
18 KB 48ms
24ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F54F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgmBznPi3gfcmqkH_g0SSU&google_cver=1

43 B
275 B

41ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgmBznPi3gfcmqkH_g0SSU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
via: 1.1 google
server: OXGW/485d39a
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgmBznPi3gfcmqkH_g0SSU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F54F 43 B
145 B 87ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F54F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEB7sEBdoyw1wWgPv78mj_jc&google_cver=1

23 B
172 B

58ms
54ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEB7sEBdoyw1wWgPv78mj_jc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 21 Jul 2022 15:30:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEB7sEBdoyw1wWgPv78mj_jc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F54F 23 B
172 B 69ms
67ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNVx1-9IzTDAbzwZtvmwJNiErrs-gycMTiH6SPeuOmDopuP1UOVf1GnKjgKZrNN8Ezvh-V1anISoqLVNt33jYvCqxAayWBlDHNuEJ9RIBqDOzDrAKTCHFBij1IGPGkJ-JytxIELvfRXFjXIU6RNuOj98DNqTdRO23NNbZJVKI0-9lHCDQWWsNfhRIHOXblg1NXYju0JkI-NBb8HZpiPh_IeO2i-YWQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 21 Jul 2022 15:30:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F3F 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A499 41 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame A499 55 KB
18 KB 30ms
21ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9629
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1&__user_check__=1&sync_id=0e40781c-090a-11ed-9f3a-1ee5b9e10406

43 B
548 B

32ms
31ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1&__user_check__=1&sync_id=0e40781c-090a-11ed-9f3a-1ee5b9e10406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNV3pqleRV-uD12Qz_XocvrL6cWnWIbhy3W_vTpcCaZ_IUm4-Q2952vpiruYbwDGu4wOXuApC4ixvwMOY68z9zH0n1QpiBe0lDOZL1uY-9I8WnMW5aHzkxh8UJ8v3sJQ5IkaT7ReP4aXqPRl2kqkyJpGUw0AcM1S6cxfiLqhq3XRnsFRYRJs5yZ81JdkZ-gsxAEdYp5yMIr42W_P7qV2Z2ufU9dyyw
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEJxTxxwdgfrdP0jQh2IvFB4&google_cver=1&__user_check__=1&sync_id=0e40781c-090a-11ed-9f3a-1ee5b9e10406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 113
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9629
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGUzOWM3OWEtMDkwYS0xMWVkLTgyOTUtMTU3NThjNjMwNDA2

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGUzOWM3OWEtMDkwYS0xMWVkLTgyOTUtMTU3NThjNjMwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGISti8wBMAE&v=APEucNV3pqleRV-uD12Qz_XocvrL6cWnWIbhy3W_vTpcCaZ_IUm4-Q2952vpiruYbwDGu4wOXuApC4ixvwMOY68z9zH0n1QpiBe0lDOZL1uY-9I8WnMW5aHzkxh8UJ8v3sJQ5IkaT7ReP4aXqPRl2kqkyJpGUw0AcM1S6cxfiLqhq3XRnsFRYRJs5yZ81JdkZ-gsxAEdYp5yMIr42W_P7qV2Z2ufU9dyyw

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGUzOWM3OWEtMDkwYS0xMWVkLTgyOTUtMTU3NThjNjMwNDA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 127
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9629
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1UckhqUEZoRTJ1SHBKTENheklpVXNVX242UHQxZ1hvcX5B

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1UckhqUEZoRTJ1SHBKTENheklpVXNVX242UHQxZ1hvcX5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1UckhqUEZoRTJ1SHBKTENheklpVXNVX242UHQxZ1hvcX5B
date: Thu, 21 Jul 2022 15:30:31 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 0DD6 656 B
653 B 190ms
27ms Script
text/javascript 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_446796429147&jsTagObjCallback=__tagObject_callback_446796429147&num=6&ctx=15911784&cmp=184716&plc=6566048&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=446796429147&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETar9EEADTbpTauTaud4h%60f53ac4h25b5b3%60%60726c6daefa_a4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.20&callbackName=__verify_callback_446796429147
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: cb9b4083f2f4d2d7d5468c9f7dc54d51e3c92c480dad4f947f4893fbec680f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 07/20/2022 15:30:31

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E97D 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071801&jk=3904887552514535&bg=!ysmlyY3NAAZlvz3gRb87ACkAdvg8Wq_aIz-Ujf_WBLAVwshfQ9e5QqAU1zi6p80sRcpRFMLaIjdNJAIAAACCUgAAAAJoAQcKAFKBowwad815DqFVilmYeRBY1ek5DeHd0DCzd1gblRovaosTe8Ce8sxYGQdzLGW3U7ts4lYOE8LE7I-GKJdukvMN0joAdLJzbsK_UQaiRlloQFuamQKVFsMQKGhnOqW-jci5n5lU0N-cZrBiKt2DMM-gTs1cBDnARBSSSacrx2Y5QweJRZZWOGD57z7KM7Gdzz3bx9oj-YE8L7cw1FIX0PM-yyPd1i1xSC7bNusghy0VRxhpfMBmFxP7i-W4DpgZFmfQp2WLVCZR6rbAE0Qdr38LvaLcv-OeO0KOfrwmj_JVkw7YAfj2xX6-aJUxdmuHuXXrWXWHAzTaPzMqw46wa2b2oFIC6NIlbYW45qQUoitv3Zsr7r_ya-jidNte6UsNAv5-Y-qTfeqJM2VEsPL9UxF7F5PxxIrX-yzKhC5p72lWOhvHwe3lf_xQs_Q7CJxeCybWbkWZmUPYKUUptbxNcetP6XG_ulpLcQ1TG17QGym4lx21dwAJzgRgvzPjf9DK4C-yOl4emKBSWEXbtqh_0pCcNsFvLNpxMoG8qaY4FLsXSV-KEevnkYyEBfjPTkGOrXFNnPLFPIja9zyUY7XJz8tRBGFlWQCIgwdt2iwf0eZTKUjutl3ssFmrzopDJru34agjvEFxwL9UjKaMo1HfMRZq9sxDfNlAFWr01dQla3bBVSU1n9t3cmKZTYFPPodjN8ERN6HO2ZFUrF4Cp55SwtaueoYTkSLy8-9xcQDhOJ2_wJHTduBxfNnfiXCkLAV8Dxw-U48w4YMtoTIszxkoimFoWqOalUIdPPge530axvSWn-O3qGHMEOaZKNs1F_Omr8LtlwVMUWGJV9shFv277LznP58I1idbHUqaJUmZR9HGV62dZ1eSZuaG82iL51WoBclH9ki3Z6FAICbB_juY0MrNpgwtL3J__T1ZqvaINben7EXvYiBMFS7vOK6-i3-Cwl_P4LcTVmV1WaoxUtMOKjNadLI6fXikyGRbFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FF9 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A499 1 KB
878 B 132ms
54ms Script
text/javascript 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_336388409205&jsTagObjCallback=__tagObject_callback_336388409205&num=6&ctx=15911784&cmp=184716&plc=6566056&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=336388409205&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETar9EEADTbpTauTaud4h%60f53ac4h25b5b3%60%60726c6daefa_a4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.40&callbackName=__verify_callback_336388409205
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 40c201460bfc3121e10458dfd5bab251f01870a4a5ec37e0ea41a741c21aba29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 07/20/2022 15:30:31

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame E97D 55 KB
18 KB 26ms
26ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F3F 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BE93 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FF9 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame E97D 1 KB
877 B 72ms
26ms Script
text/javascript 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_707486899949&jsTagObjCallback=__tagObject_callback_707486899949&num=6&ctx=15911784&cmp=184716&plc=6566056&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=707486899949&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.00&dvpx_strhd=0.00&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4C2%3AJ%40%3F%5D4%40%3ETar9EEADTbpTauTaud4h%60f53ac4h25b5b3%60%60726c6daefa_a4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.10&callbackName=__verify_callback_707486899949
Requested by: Host: www.craiyon.com
URL: https://www.craiyon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: b46104f2ab034be9aa29708b90cc3119bab89a7f0f842dd8a7813ebbeeb7ceb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:31 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 07/20/2022 15:30:31

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame 0DD6 0
210 B 71ms
22ms Ping
text/plain 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=843c8aef86bc4592a29a8a1df63f93ec&vfdur=191&cbust=1658417431271264
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:31 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/20/2022 15:30:31

GET
H2 403 globalpassback_970x250.gif
cdn.besafe.global/ Frame 0DD6 0
0 502ms
415ms Image
application/xml 2600:9000:21f3:4800:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_970x250.gif
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4800:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame BE93 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 16D1 1 KB
749 B 21ms
21ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 14:05:15 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 14:05:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame E97D 0
210 B 58ms
24ms Ping
text/plain 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=aa4bdaa15e994cefa5400ce48e92c985&vfdur=73&cbust=1658417431308735
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:31 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/20/2022 15:30:31

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame E97D 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 21 Jul 2022 16:08:25 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-frc.doubleverify.com/ Frame A499 0
210 B 67ms
24ms Ping
text/plain 213.254.244.112
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=2fd224686db54872a5a2c8df562e626d&vfdur=133&cbust=1658417431310212
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 21 Jul 2022 15:30:30 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/20/2022 15:30:31

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A499 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 21 Jul 2022 16:08:25 GMT

GET
DATA 200
OK truncated
/ Frame 0DD6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4d9e9f19d77abc825e24139e5ee0a6383944aca3f7bdb686ff90bcf500e08ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame E97D 54 KB
21 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 18:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 18:25:01 GMT

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame A499 54 KB
21 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 18:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 18:25:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEVf7zgxUmVE3QSg15NMO4&google_cver=1&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraDkEEQ-6kqxw

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraDkEEQ-6kqxw

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DrcNoOkbs1DYFtJAmKZxT2vFFk_nxzOmacECHl8AYfUrGeB7E43H_z-oUburuD7j4EC6cOVYY91p-ygraDkEEQ-6kqxw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGCk8AL8TaFUOcSQcOrz46M&google_cver=1&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_YCNpq3oy_rWg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0CC416328A64A9DA8EF75FE42F43EB4&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0CC416328A64A9DA8EF75FE42F43EB4&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_YCNpq3oy_rWg

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0CC416328A64A9DA8EF75FE42F43EB4&google_push=AehlK4A6m4UblCMd4aIxdqkUtTMnMO4qrqbMAQaEGSBFKEsYuB-nCQbY-QuEJILL0vUrq2J8ID-BQwtjX7ILME_YCNpq3oy_rWg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 20 Jul 2022 15:30:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESECzFGMBoe9me7CHbtJlXkmk&google_cver=1&google_push=AehlK4Cj86q9GkhbEqM1PFcIWP-R680Q3isGMMaLBklP8DA-uiQx8R7KpkRDWmwSXzTb9bnEzOET4s2QmfPTAWSvExP01zyNLg
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEQwMzlEN0Q2NzlEM0RDMQ==

170 B
188 B

33ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEQwMzlEN0Q2NzlEM0RDMQ==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEQwMzlEN0Q2NzlEM0RDMQ==
date: Thu, 21 Jul 2022 15:30:31 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA2loQ2xXxZNcIlizczbSmk&google_cver=1&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOd...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0ODYyOTI3NjY3MDA5NQ%3D%3D&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOdFjeD...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0ODYyOTI3NjY3MDA5NQ%3D%3D&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOdFjeDJw5JYutcE

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0ODYyOTI3NjY3MDA5NQ%3D%3D&google_push=AehlK4DafH9L7YCcrt1cSIKEabE7TDjr2i-MKwZWYspqOAerciSr-Rpn6lFY9ydfY1ZgkeL__VfW3c_-JVgUOdFjeDJw5JYutcE
Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4CmzxTwQ1rxCbEYNMlfQaby1H-AjY-2GZG23DiP4Sq0z2XLA7nxz36HFNhhJM5wzEUBMpOXZEDDW3kiecUT5uIT...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4CmzxTwQ1rxCbEYNMlfQaby1H-AjY-2GZG23DiP4Sq0z2XLA7nxz36HFNhhJM5wzEUBMpOXZEDDW3kiec...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=bc57944e-1373-42ee-919b-9aee78f6ddef
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=bc57944e-1373-42ee-919b-9aee78f6ddef
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4e545074-d393-422c-b6f6-c0a282b7a543&user_group=1&ssp=google&bsw_param=bc57944e-1373-42ee-919b-9aee78f6ddef
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==
Date: Thu, 21 Jul 2022 15:30:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 16D1 43 B
351 B 90ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOtJ_NcmOAebbWBdjAHn6RE&google_cver=1&google_push=AehlK4DV-H16PCyOTt9V4sdpg5okLVFzoUGfAIEzPMRCch4FpOOpCL_p134GcqVtfxuj5Dzs8EitiP2K5ZRpf5o2Ov3cvdZ_AEo
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 4h3akrrinmg29dvq21m0v3fa4kpecivg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16D1
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOpdlzVmWlAdmqxkKixgPdU&google_cver=1&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOpdlzVmWlAdmqxkKixgPdU&google_cver=1&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkK...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mOUe1zcBS72bi_tRXT8zLA&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7Xqzk...

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mOUe1zcBS72bi_tRXT8zLA&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb71OAQ

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mOUe1zcBS72bi_tRXT8zLA&google_push=AehlK4AzmBg0iWrxwDAIqkTOXYZ4BS4gXu03AdjDjKEukWHyYlkhNNV_xosd4rwUxWVEha_NGwrn6NZsEr7XqzkKnZAVbb71OAQ
date: Thu, 21 Jul 2022 15:30:31 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 16D1 0
12 B 30ms
29ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2VdelvlXNUTKLrdq-_PBmjaXo91ltUbKG7jg6D_YNNtjKVbnomccZQtDXf9X0E56irM-y

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame B3C7 46 KB
23 KB 546ms
65ms Document
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

dedd159da6d543418029cde75e61e56f7e11ef480e8c137d0eb2d16f6e129d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 23726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=1964084963;ord=75g2u2;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 522B 46 KB
24 KB 527ms
56ms Document
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=1964084963;ord=75g2u2;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=62;prcl=s

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

30e42b6310354da915ae65d70890d85fe97d24e91b822b1714fe59f08c16c3b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 23656
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CC0 1 KB
749 B 24ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 14:05:15 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 14:05:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E97D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81eae7ae9d86647e418c255072f7ebbeae11f3b386fe11e0cf24614754669730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E97D 0
0 60ms
60ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzR-aGl2zRFyKj1D7dOzGys1LLhM8_C9MK9x5wyc3w-ccpJJsyRP-g5P4zaAOge3XO6VogmuIzQe0ynVqKM0IKJHBVxj3tmGnaXZYCpQC9S04LemmLkBS9TkNfrtXLDSLc_yzo1fpZmlxqbvntdJaT6UaQIK07IlYVZ7b-C0T_Xmi0vLaiXzNsvi4P8tUOESmRDlkA4-4EfFnLAviSm2WXBgzcb_YOF5hugFdj78ZytUbFM0TvmTT6bzFdol9koT7iaawrNAFRzb3xJ5NcIIDWRxEium6O6OF8jyFw3Snq1z_Oyvoig0aMOIUMK5RLmNOx-ykbTsrKjSXZJE6Owi7eacMmaebmleIm0nJT_ADGr98VCBcPzhhWeYUTvqtV0Hh5O7dAdOcpJfw&sig=Cg0ArKJSzD_wYTw12RsBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 21 Jul 2022 15:30:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 392D 1 KB
749 B 25ms
21ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 14:05:15 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 14:05:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A499 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1780538ffd149498ae3c0cf96bf6b2848963739373e2a1ddfaf573c5f55baa6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A499 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZlbPp6aYeZC5L95d9SJIublfnpKFvZccha_-soluMaF9A8B_9mj3nlGzpxvcUuOhcurZc0CH4WwwefywHd-2xMPWDt5v09R3vaa3-WaIaiJMfDUP6zZpDMFtmrj-28wnFvrd3e5kXN488Opwt66xO5f36oITzYDy1ihqQXWCsPzLLNsc2_Z_gENkBtujxNXZjcH-hfZz8ZP1xgL1o87mX6j-F6eEhx70UL9gVNRaTH1Q0NIiDEjH2UVBI9zEJbBcu6HmLRZOEuhdC8rF6C1YqgtjhwWRFvdrz3WfWt1VcqyORMRL1BNAATnznVDbMKsvYK08YW20ixvUDmHFzAC_yMeo3qW09zD9Uhk6p_vViP8kcwhvhLSd_t8dX8gkLIJeCDuHK9UZhaq8&sig=Cg0ArKJSzDVo6OjluNkTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 21 Jul 2022 15:30:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F3F 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2QQKFnHZYqSpM5Pa3wPO9pG4BAAAAAA4AeAEAg&bg=!iomlic3NAAZlvz3gRb87ACkAdvg8WpYPt9Bzp9xK9xi8Y4rwXDFzkegtJXudXCrNfabJOlzDEi3E_QIAAAE-UgAAAAFoAQcKAGTcOYiPgmtKGwIujvl6VyeSfzIXTPTT2oKqQtvB6MXzwKmxMEHtnPJpFDCddk_0NSOhqW9tuJTIFHEDxr1qzLUF_hvK6DcFRSZaR7UPUvA6Vp8bUiE9ptXiVqO5IoTxKBUu2YEBmQLf_NpuOh6ThG_4mxvmop1aDXff0s7tyQqJg3wihdvPT9GR4ZqTOaGqNtoqfDGMJGOdm0iqg9sak7hVuxjsnApFlPU_E4FUmPlfrrh8Pt1F4XAP_u_SEkMqM8EMNNDuz6U0PXwINLmt0WNkeEIWoLIsltd2kcO_p_kXz_EWFg0oJN2y5eQTe6Cr_G2W_ckd0qiFPTIsG_u8-llU6joGhAjkf8kuZG-88vLkgYimF6nKSBoN_Oz301GfnhZr8ziSgBwhQojcK0Ra8_hd4JsnlEUKh4sUVFEZJUn3o4_3zTV5nu5XnsSx0MvypbiJIb5DxHHM876Kp2t16t1GGwe2J8UYCxBBDQ4VkgkHsWy7GLDWnhZqxcBgpUUDqZOHcURL4_O9i-Ne3Nywst2s6mGrJcK5OE2DI1xWJDh3zldUmtQ8IA5eLFBxtf-JMQfY1QTeNQForbxw0Dy_fHg1X0l0jhcv1Ma22KOLWZWG6VhWpjBOWqT9eY1QxR4UVpwJUezpmnmF-teGlfU-grPIbLJHKyRXHfqIVlImVsyKxRPzDGI-RjdNVGP4Cwxwx8S9QU9YtHeEDJgFyACtycMA-fKD_dl_3VhSDm30WbYNdfcT7C2EuP5bkAup17Cfet5yT-gfFzg_zafjtw3nii9YGZOnZIZRgwPktTYM2vsZixrIPoVMN70vlN1TqSxoL53rC2R2JFGQbqNYQMBt5N8rkima79CU9_H2b6jyG9Jyh4pv07FUD2CcVj56hBMiuw7l1NkO2CD2poDk7H5cMhUQnvFzNT88Pp9n_anmag303iVL8fk34wicqH4AL5sDwQWN2OcqbTw3wseUpEydL840CwouE0kI8-thrIvltVGbZ2s5BmtG5kjCq3aJX2Rr8lFfNjP9f6_ozeTAQyyipuUV37hUG1pWEeF6mnErLCxQ-XyFJ93X7ITrunzBi7K3OaGjopUwrYtLHdrO9TW1wn6amdrDT_UN

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FF9 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9_e0FnHZYoqoOcGY3gP4grXgAQAAAAA4AeAEAg&bg=!9fal9rLNAAZlvz3gRb87ACkAdvg8WhmZklTviEv3Uc_F_RZHm41AFTcyhHvSgn_g5zIgduHbog-XxAIAAAE8UgAAAAFoAQcKADRAk332ZCD78uccubRi2SDi6fXumfjDv7XEhM2z9q8znGzqOsbSoRzEsMUpRM3yLEO4tgPwmQLxcnU0SdMYnPIjEd1p9aUON0w90TCA09eOz7ua92CzjPcou4yBGcbvJ6_JSQIWmTKkfSIFMbJRhLIDgPM7g2OwK37FBqPDQPnU9MtJz3EW_u5s3CY3alkZNIQB7CMtjqjXW4jl3y1KmKOUqoiVVaHO9mPIUBNwbotMdYgNP1UeSoTvb1_M7KBHs8dud0EDQ_x8Ga7eujXZlVpyRE-A2kSka6r6MRHWL-S8OWJy6GGKJdcnCHKUTXROEeobB7Es29dgVL2D18cEm2WSyKsd0iDifb7HMyQQYEiTv5aU3ZV3XshK5iMh8mRh3c21LkualeWiVoIxJOmytWY6ZGwUiV0d4ML_Pp7r3vcqzJ1CTKyj-w_iB9zhfBLiPZ5ixtDL5EDFxVymgaR14uDcPC8dt3-bIGDbOd8pvi2gLl6hdgPTmbE_HVFtfCytKivV-QMSwa_7YXfKDNPN3dYT0l4GKE72iQnoNfPTei9c_i21oA83iNkOHqtN_kdGNeSPLlYMs3We0RMFv6nUKsNLTCLL6xsQw2r6nNd0eNCQkxvdB1qGOqv9uiClARjgNpeaxY-oC5CQ0PljL9NL8dyB2TNyZBOBVJiivKRTv0XVYexOK1VVLL-sPHTAIVyellPj7RiYe8OWVrDoT1xSQ7reR5VqlnYs74A7oTelZdbo6WRmJ28tg1UeWvkj9ZR8UyB5B9_elDAFO_zUqgQcUgnp2oao_bWq30o369_06graJsKxlbtrIlwFUted38s7Cu-E0RuW8D3jZGRE6c5jRngcyDLJlZ4z3AD0csQzb33phTzu0vdQV2jKzZzNbB41WEeNH_sp-sXOurPdkEvXePNfQ3LZgAK4GuIfawWuVfQFy31haiDUTU-tjMXJvJPCPfak3DzTh1-epg6pXMBTKLQsFWaRnTFX16QdDuZ_ZnciiZzyIWyeXdRPoZq-ho2lq0P2P8jwbbtbtBIQMrD-F94x2G2ayln4Fyw6b0xVGaolGJD7tU68I8Ur

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE93 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bhr0iFnHZYuudPLvLx_APscWbyA4AAAAAOAHgBAI&bg=!dXaldjLNAAZlvz3gRb87ACkAdvg8Wib0mzswnLOhJftmjZd5T12aaRi6tcwZmD63CPoUH7JDDVSciwIAAAERUgAAAAJoAQcKABynzwW-0CK4IhNS8cx6W7SkGLO73wZYKkIK78ZpmQLvX0NaH3OQoTm5CoYsXH4Uy03bNxp3ZaaB9goiOJaDXXOBUOKKzZlQ4hl1xWxT7whEXL4M3j3rv8kqhhpktflQAhs0UjIaSbMBwYyA5RNZokAPFg7NzaAJFd0yUIRszyCuzprZ51qU0M3Sva5BWe0SCQLkUeo4w2IBiwizFJqU2flbRKhZEfWq2NBRk9hRwQu_PLijGM73z4PmQ3Macb1fMlfFMKR08t9IUFeMV-yAczdD7c9750_2RYTrTOWe0x5bfdq8xFV34wTQaQv4LmkjJNDpeFQvkNFFYojUaGNLIjLRIMPIQ4w7Hk9U0WrvMSHXw_9UX-5rXDZ9joo314_4ZgOYdVa3GMuFYwR-31JKWwB_Wuh9W1y-5eiBzDU2fs6mzlKdnWLapCh2mJ5GoniD1CBkBbv2kbFzJlgV00ebJJ3B8X2DJNU8SJiNU6R9LgmRn8ljz6Hm1TA-fA4y7hQdAqDwpOlksG1a2wfUHRbDx37AAmXsT_mYUmpEx1v_pwE2UDUNRjf7fjIaQuT5LKHeQ0ylbDMxlRAq5Nv-86ImJKY0b-y069d8VpM6Wmjv4OsZHVvrIapwJD6Dd_ucLTZydfBHdaLmmzM0bO7_nbLqEjIlcV0vqUVskRyK2eQPDqYoozN_FlEZaUHWW7iOECqwWM1tanMXnGNOiXf9HGsJhd2w_EDaVZemV3-BRcT0ldJGeNjIxnp7ciO0DcA9dKPvBbBInpZ3xlNedJYarP7QC1AK648iMdT49OWDxQehzZsoCpETkz1fbSHJ-QDEFCD1GE3FOO4jAWRRTDcbR9vK9oQcPYby1omjOgcLnGkEbyWQY4EW9n7kOjd9V8eeB_bLtMfeT3X0Wle2jbVzvZUgOS2X0WTM-eR04Z2dGcXGG3LkhkV_C37F4Ors00wvvLh7HVIxo9VpQarDa9VEtHN9SHnzrbBlGOl9dMCXvLzN12HSsHljL2jDMBLJkjDXOUHoh61KhOVOlVo4yaVzPgdvaQ

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEVf7zgxUmVE3QSg15NMO4&google_cver=1&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Bj1i2XEXTgCHfPC3_1-VNg&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4MNID7jnS...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Bj1i2XEXTgCHfPC3_1-VNg&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4MNID7jnSdOkN

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Jul 2022 15:30:31 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Bj1i2XEXTgCHfPC3_1-VNg&google_push=AehlK4BAIIJeQiQ514e8aX4y3cDJAUQQm4z_Y_pDVm6NLHajpN-vO40fWYPLMOhMWONLRmHk1dmpOkeYIl-zC4P4MNID7jnSdOkN
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 21 Jul 2022 15:30:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJTy0c1hRSgcWOR8ox_AG2A&google_cver=1&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTZNzhxtT8SNOHgtujrT5w2&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpvJ9e8H4IGUuU

170 B
188 B

34ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTZNzhxtT8SNOHgtujrT5w2&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpvJ9e8H4IGUuU

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:30:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTZNzhxtT8SNOHgtujrT5w2&google_push=AehlK4BIq7HsKY4DdDd-soLUeM0BNONRVs4nKHci2Hgo3SDgTHouJ0GgVk1oMFny8Jcsm-X1zl8n6NjSU87k9bpvJ9e8H4IGUuU
x-host: tde-deliveryengine-production-78dd496b74-95qvz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESED1m-ZBGXO2aYwJPLydXWmE&google_cver=1&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd2z23ZQHPex5FCYf
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=anc4TFVRN3RBQ0NyWlpjVUdISFpZZw%3D%3D&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd...

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=anc4TFVRN3RBQ0NyWlpjVUdISFpZZw%3D%3D&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd2z23ZQHPex5FCYf

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=anc4TFVRN3RBQ0NyWlpjVUdISFpZZw%3D%3D&google_push=AehlK4CuEkMwrPe24M30LzuKEw-FLkjJlLvaqGSsOujCv3yRnsdiUFj4-bh4G_Gwwhl05SSuDNuEP1QVdj0nd2z23ZQHPex5FCYf
date: Thu, 21 Jul 2022 15:30:32 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 243
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqb4cjUkQpdRv0jwqQ5e_o&google_cver=1&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUk...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Czbj7Zki8OAAu9jHDv77hQWe0Y24ILdECLRCIKPiHBsmvYMGA6E2Pah_UO1R5lYm6ofNjv8CjZL78nDWW5_EUkj6O4ndUo&google_hm=vFeUThNzQu6Rm5ruePbd7w==
Date: Thu, 21 Jul 2022 15:30:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEcPFY9AoCcvTNZgnk9kWh0&google_cver=1&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtV...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtVxrJEm&google_hm=ODkyNDc5MjY4MzczMTE3MT...

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtVxrJEm&google_hm=ODkyNDc5MjY4MzczMTE3MTc3Ng%3D%3D

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:30:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DuYc_hiKVcjSmZ7k20dppjAxXWrzgs01_GLvSkNEpdgPZ4zeTXXZSB1AKZimW1vFC9QwvjVDlW4FIg6wuf6R8THtVxrJEm&google_hm=ODkyNDc5MjY4MzczMTE3MTc3Ng%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ3dh7MkH9acCHZ1Y1Hc27E&google_cver=1&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0OTkwMzQ4MDg2MDQ0MjYyODkzOQ%3D%3D&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75V...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0OTkwMzQ4MDg2MDQ0MjYyODkzOQ%3D%3D&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0OTkwMzQ4MDg2MDQ0MjYyODkzOQ%3D%3D&google_push=AehlK4D1TYvMirZYYcix22C3ryoR8aHNW8VTMwfHTHeXYjJEcJI0p75VM6luGzw9SctzKB2vIZV2QYW6p0sdPt4V8OwFh3OpqRx1
date: Thu, 21 Jul 2022 15:30:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CC0
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEAqfiZRTOsS5dPRhappT2Uo&google_cver=1&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FVMgmSp0h7QOSvwKb8zidKzhZC0EQ-Z
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzI4MzRmOTgtZjEyYS00NTMwLWFjYmQtNjg0YzA3YTRkZTBm&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FV...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzI4MzRmOTgtZjEyYS00NTMwLWFjYmQtNjg0YzA3YTRkZTBm&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FVMgmSp0h7QOSvwKb8zidKzhZC0EQ-Z

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzI4MzRmOTgtZjEyYS00NTMwLWFjYmQtNjg0YzA3YTRkZTBm&google_push=AehlK4AUhyQSEEV1m2DN1XW3caCXyafOCWtHzii3SL0ZQsIxELnEdkAggQU70Q-tR32b-FVMgmSp0h7QOSvwKb8zidKzhZC0EQ-Z
date: Thu, 21 Jul 2022 15:30:31 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CC0 0
12 B 30ms
29ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6EZLcaoNyctaQbKscqfIi8ExkcZZp4atOzn9kVH7uiuwzmVnvDM0CgYDw_0PAkFmg8efFoA

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 392D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1&google_push=AehlK4BlBwHCzZGjldOUfuLIMlVvtzSb_4Qd5KOFzEXQVHldZJwk8z3fRsjUBqoFVhXqdTZbMJeUtmo5-03pnUVvbjH6foTjolpn-Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA2ODgyNTYyOTA4MzI2MTE5OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1

43 B
398 B

56ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbO-2F5rDl7Sy5AHFdHJAY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 392D 70 B
264 B 67ms
65ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHSfiKBY3G9_qIo0jVgLlt8&google_cver=1&google_push=AehlK4A3OprUrmp9cl7DQ0fnrECx5tZng0JZ2JC0lTBI3GGo5CtfclGuXO2xdZVa3QoKKr_gr4MectQPp23RwAOV47A_NWnsRH3pkg
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 392D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJTy0c1hRSgcWOR8ox_AG2A&google_cver=1&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMt...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AmmcvynzQuyfwmBLogTxDA2&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMtn6bh0dpqO1v_lg

170 B
188 B

34ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AmmcvynzQuyfwmBLogTxDA2&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMtn6bh0dpqO1v_lg

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:30:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AmmcvynzQuyfwmBLogTxDA2&google_push=AehlK4AAoR3UmbnlzxG_85c1_e2h-rsmCuNAWcm7inX_K8-x31DkpOWvWc6ehpQNQBf76NaTjoP-NIlNwkR4yMMtn6bh0dpqO1v_lg
x-host: tde-deliveryengine-production-78dd496b74-mx84r
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame 392D 43 B
64 B 57ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOtJ_NcmOAebbWBdjAHn6RE&google_cver=1&google_push=AehlK4CohfYNSuzFKMTBdoPI2JSXj6SRwE8vXIiAmK4SpzkquRDisGkt9_tO-6urZY02dHsvcJNZlWtS8Ic7XXmlyr3Cpn1lYqv9zw
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p331g9731ukpiaaqrhiak9e6jd0vgcpq

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 392D 0
44 B 746ms
244ms Image
text/plain 54.65.22.125

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESENbe83KqI-U-oUOcmtGnUUY&google_cver=1&google_push=AehlK4DU0vTsIErb-gWNY9M0-LDQ1Cg41a7W75RfR61cSlY43ANwMjTFjHpvGfbpjDq2N6hgkXczIs7uu7GDnPLdfe3mBCdPKm_5
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.22.125 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:32 GMT
server: awselb/2.0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 392D
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEDgxsIgZMfXMvj0uWQ_A7Cs?ext-param=AehlK4CYuazrp7omTGEpKbeMYugk0atJVefKdzGwSoQ0KnHT03bQgZnrtm_nJ-1Q8w--LniE3TC98JoPOEJN0dfsr1hGrRjISJo-0g&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEDgxsIgZMfXMvj0uWQ_A7Cs?redir-setuniq=1&ext-param=AehlK4CYuazrp7omTGEpKbeMYugk0atJVefKdzGwSoQ0KnHT03bQgZnrtm_nJ-1Q8w--LniE3TC98JoPOEJN0dfsr1hGrRjISJo-0g&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDgxsIgZMfXMvj0uWQ_A7Cs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

64ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 06 Jul 2023 15:30:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 392D 23 B
172 B 47ms
46ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAaseoicAjcfg1-ExF7Eq9M&google_cver=1&google_push=AehlK4B32kib8KSMfD0N9_54iNds2JaaPHpvMF-VyECV3C84wUBBiAafmdBhsxd7qnwmIhxoxSn82z0YCTFu9kOmDefzGpjJEmlZ0-I
Requested by: Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 21 Jul 2022 15:30:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 392D 0
12 B 30ms
29ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kyle-brTIgvSFTzrr2Lt8MrarjX21hp1CX1Y_wp1vubTqRjj0w1hb7BEIerFjoX8SN3ZX5F94

Requested by

Host: 5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
URL: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 11505016127833275095
s0.2mdn.net/simgad/ Frame 522B 121 KB
122 KB 94ms
23ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11505016127833275095?sqp=-oaymwEOCKABENgEIAFIZFABWAE&rs=AOga4qkufYWKvbxKKRP4xM2o8PZ4UshI0Q

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=1964084963;ord=75g2u2;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=62;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67cf9b4bc639937fbbd4d3e5d1a9a43ebffce2577ff3bb0a9b3def6b4088a68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:59:51 GMT
x-content-type-options: nosniff
age: 37841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124106
x-xss-protection: 0
last-modified: Mon, 16 May 2022 16:38:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 04:59:51 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/ Frame 522B 10 KB
4 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4037
x-xss-protection: 0
server: cafe
etag: 4842123143989086801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 20:27:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 522B 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:24:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 522B 137 KB
42 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 522B 0
575 B 130ms
62ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXucxPdhjKTqrSejaqgw_eHyD_7k8JkEWQXyFcBtJdt_yB0J11NYDvsPczZ8BM4-vJDKSm6H1uDPJQuxva-TbvLY8mLqiitZTf-cWQmW5kNynUkriO6Rcs8sGitbwtMuHh2LSO4Y1UYZKw8RZ0NsbwHeoe5IFnI30&sig=Cg0ArKJSzAiQWLntfHRFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220719.21479&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 522B 41 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H2 200 11505016127833275095
s0.2mdn.net/simgad/ Frame B3C7 121 KB
121 KB 101ms
48ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11505016127833275095?sqp=-oaymwEOCKABENgEIAFIZFABWAE&rs=AOga4qkufYWKvbxKKRP4xM2o8PZ4UshI0Q

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67cf9b4bc639937fbbd4d3e5d1a9a43ebffce2577ff3bb0a9b3def6b4088a68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:59:51 GMT
x-content-type-options: nosniff
age: 37841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124106
x-xss-protection: 0
last-modified: Mon, 16 May 2022 16:38:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 04:59:51 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/ Frame B3C7 10 KB
4 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4037
x-xss-protection: 0
server: cafe
etag: 4842123143989086801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 20:27:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3C7 137 KB
42 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame B3C7 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 15:24:09 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3C7 0
63 B 108ms
63ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGXXnstTEUHnyCu-ROZWZD12lNKj4OdBWOTCf24vVNEpSjj8Dxq9bndvNJFfqW1WIDU1W0aUx33kp8EvxUqBw62ZNLI5blrfgjjDoEKyPfdkHRBfvLEf_ocRlBT6izwtemg7yC8TgQOdw7C0lqHr3LlgEc48ojC3g&sig=Cg0ArKJSzIAaRkiaYOQZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220719.94451&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B3C7 41 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 42D1 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6072 22 KB
8 KB 24ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 42D1 35 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 19:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 19:07:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 522B 7 KB
6 KB 82ms
35ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aceed150abec05f1efb83cd9071165269c1be1473064338ad81cb6ef4238464a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5786
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B3C7 7 KB
6 KB 79ms
33ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b40ace865c2e0e108667f5cc5a58d287db46100ce58ca1a63aba36c028b84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5738
x-xss-protection: 0

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6072 35 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 19:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 19:07:12 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 522B 0
26 B 100ms
57ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3C7 0
26 B 96ms
58ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=90.265;sz=160x600;u_sd=1;dc_adk=2228999106;ord=i8bxmk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.craiyon.com%2F$0;xdt=1;crlt=LUDPA-VSfA;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B3C7 17 KB
6 KB 1103ms
1103ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 522B 17 KB
6 KB 1117ms
1117ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:30:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42D1 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bpt09F3HZYuzKObvD7_UP6d-KqAwAAAAAOAHgBAI&bg=!GBulG1_NAAZlvz3gRb87ACkAdvg8WowNt08xePuDmhTb-UnYmHBq0S6BbrMgoaAIcEQP3nrc5maYyAIAAACSUgAAAAJoAQeZAvhe1G1Btk9gbVExqGP395b2MxOhCV9INzw9zTAtdBkTH6WFlyoXMUkI7haSWr78R7tJ2sDsKPhxSYJApNIs1ouFo2oSC6kXx7On9V6HuUWsEX4lsvRptvhglR79oyo2KXo1CGrS0hzivXyvXx8xoGc9J1Ebx8Yt-gzf2PshOf5LVRdmnTMqj8FosBGEn5Z21j5CNLPfdvTgTR4huRrST6B1vbnIymCHQ03Xg_Sc_4uB-L54Y0fiy5RmYvXnliZD3yPXg-MDdsrgHv8K4T2ncEGmt0dWGyVFr6C5Ient19_QcboYKKqMFH2Z2d1ZSqCktXTSxh3g6Wd9IV7cjp9X17BF__AGU_h2u1B236UKbnC6PoiMJeRWo3kc0VB_CQHOh4XKwFiNIuFkilrTdUUfkdW5e-qvPsIlwRevXXD_mLPsdnxBtlLlyrfvdwzG8PQyhQ2sfqxcZuFv51nxLmtNMcjq60jZLTQw39toKF6kq0-EDXt81MmsR2wP514TS-g24Lb8WXmPmjoZXw70h69B0GXARNfMUDhNJ2p8EKXojhavL3fm-MerlErXAwb9l1hGjkGJKGbj8pzW6ziw4OxK9aSby3vgJW8ZVtIYre4a6P5lsb3p_yevIYjj6XwS0cHI8WNFv4qz6MCXalKj88NjBzZYqSzQWDX_VC-55CrqBCeWE7LfgXgs44RtOYlhklvCLcNLi9dtjPilAbRFv8xcPRg168U1HGVyiybvNMQljIagOG_eZw1qYSZPI_xmRlwNxn36Y8IaRyV269SRT2VTgudFO-pv3opdkwHosLQCmBiEUvAvElIWD6gs1jIpZieeysHPnLWCr3c0nlRON7fwxkX2ApUTbTV9kAISwLPedRQ0yJzotTvtGzuLxQPvtKlEXMDn_XbzDze9IEjxYdeVUlgWLw6JEjufsq4nD5Yv4o6EpnZiqUZ_oOryT0KbUYTLJQd5hrPgC_FdfTz0Vw7CT7swx3KceyhaAhr6OemdA0lukFDJR0lnfdSy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6072 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5-1bF3HZYsHVOZCq3gP2xLzwDwAAAAA4AeAEAg&bg=!FxSlFFDNAAZlvz3gRb87ACkAdvg8Ws92leUUzwMadAdI40o0lC6wXsYblEnmJRHOnjeSwTOWGjBQ8QIAAABuUgAAAAFoAQcKACzljUS7M5IC6usopUNoNZ2oKRILZxR5blo1YEASaKe5i0MwGsyGRO5kaBiHLZkDBM_5bqt4boO__zG2lqyNhospG3DR9L03WokHKTqlzepIpfTiYZwS-h0SR8evr-cyMaEuWgaqALNdWwljP9s812F7YdvzUJbchWJ6fs7KAqGhkx69-tattTCX8AeUl-kqgiJ2PTmiMUfn7RCvjnYq2mD5J-Qjptf3W240M97RTvWk3gQdthXxiWh7Jed2Ey8kxiTfFEjCpvxrhj-yX6ZibN6dB0zFuNI4pY8qp3R4aoAsIK5Sx8u6eTImYW2p9QV8l7gRVA7op0pk3i48pijYjU5fK9T-_cK4Le7-tz4xDeX41jPW7Cdvq8wfsVCxjFm3a55NgyC5Jrg8B9J1wKIorLmlXIZxirBXmOzgmNym31l8Khs9UVc7WU4Eo4POCw4BwvrZGDe7X4K4MQNi5y0FPtTTAZdhclaO7RgmY5Fh-ER1RaIA5WUpbKLsp75QbB2tkfVD56f21wIXKyEFZi0kipKb8v_gUDSt3gaF6lmfdKm26177owuVGpnvvgnbu3s6KRFS5oO9UVAKj-dpUDrsLwFveau7DNV8jXY18oZnZy4zifS-HCco-p8VjBUv81de5b6EpeRE0_Shsr9pvHNTUJNOUde6vB3y6EpHn8HB9mW1SfQBY5nV8IZZgQlfb5PyuFwUX9_a2loJYD2y2ACAq9SKwfYfCCZ3OKjoq6AjpJlMcgXiNl20aMLmN_EZCxMJyzj1kETihLILmyx1M5254w-ia3vt2I1vFzEEFfIHQiDgxwuLi_OS-i75la11LszrBcX-kl7FadAWuFps16IKk7Uofi3mXHU6z-L0IdRaEuzpwBw5fI0QV3o4oIc9VulfiVLxHTIeINcZ9goTCVB8Us371G77ovyhMoHTjo9acKb6RU1gZpraJm1Wl4_UKICmAv5ePjsh2oGHe6OWT5i9ye3k2Q_csJaloMMaE9wJU0u3IJC5ii7MMyyQP0jZqpE3_uORl-NFgTIGmFStmtK4D41nH8FK1sX2CQNvIlJ9mSNQK5FDT1d9XuwZKtXA4N889sFLITs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E97D 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIzCzSdh3GQokVzvmip-0_xeZVwR-tScMgC6a-jVrpqhKY1Zkt9N96zuRBUamfG5uULCzc-H1-MpvZ37_2vJO20E6HVfdIQ9tiw0926_oo72uw1rOUbRWx-F28Q_TzZ2M1mJiJk8-Y1J2FugR5h6MqRM6t8rETBC3X8sdNspUwwC5vzVf2NKjXBj_CVHPUl6Bqq5AkYA3vpBBRkKrQWzmJ1i7UNoesyWMFdxCpvK45-cpWfe_e3_4rkR6k5-TAlzZTZlCPLhArcqpPrygFN7whbpwyq09vpUiUJJYi2oO4gXujAl7m92GjgHdekBq_xEYYN10gjDclGB6ytEeNt5WoS-tQ1HKEKHYJbTPDeUI0aEUOJ1X9bhyaXKtp7lx2m446RKFA-zbVayU1Bs57W3Xe5QLE-hlkQT4q0__N&sai=AMfl-YRoVRZtoY0c_pgKHX2D0SyfGxg2eCvudRLsdSc8VRAHu6pNyUtLBIq6rPTRy1gZCR4z4DZw1rNOPOtc5XiKGcYAjc-s0Ri_fM8xnDclI7ZmNi57eeJ6-s_uRuQ&sig=Cg0ArKJSzDAUWOJE-MxJEAE&cid=CAASJORoGZkdopEG_QkqEWMrR4JFu_9pFTz24hiolCpywc60xwAq4A&id=lidar2&mcvt=1000&p=110,100,714,260&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3040571525&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658417430842&rpt=657&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A499 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugRv5_XxPWVBCBhs_b6xt2vHmuWs8N3qEV8Y-JiMqZMtF4qUxUQzWdw_5u1iaDTXJCVHF8VhTtHEXI5Q5gMBtPwpkHnd7TzKFUIP5HM47YaAM4bQXT_v7l6abnXGsrrgFBfrjmlDD6OmNRSEG-exRheskvCL_knCvRT9YoYFxQMBUJpJrlbkC2GNOut6pyZGpYImT2vtIRHHaukbjA4IxRcQ&sai=AMfl-YRQgAIpRlJly33GQhkJ-EoG8pmHvugrAnVFTFIVIOE1PevzdcVYxf4n_d3a9NY1VPSPk0G27O7KJEjNV0q-EoqASuzTz8xGRJESQNcrcMosNxxtzeMVI7CLD08&sig=Cg0ArKJSzD6RFtuYM7EJEAE&cid=CAASJORoOV5FYxxsIlNj9xM-zn0EWrXUIywQMjZdEmE2t_rq6utdDw&id=lidar2&mcvt=1000&p=110,1340,714,1500&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3040571524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658417430771&rpt=769&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DD6 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZl8hGMHMpexthKUY9Rs5X9MC28CiTMqoA0ukWJrbtDlQw3vt0hXQ6CgjOrn_CAIMsd56p9-i6HMRcp72zM7J6CC9HqdjsN55ctKfbby9dvEJ-aVHxYoFLfmC5&sai=AMfl-YRqPtnV8NjLcNPb9Ql9hpzmig-19OUMHYLN19CVSclLoBXA7NBkKhteaO4KLsNdlOpIHyluPWHrIpEngNcWDX7B9chEZyhnUZFD8UTEDvkmVRJaARn3maDOnh8&sig=Cg0ArKJSzCENa9Q6NMPZEAE&cid=CAASJORoNTCmLtYEKuvDbNnX7ql4eTp-FqUCfRttCm1ZXu-cmQzt8A&id=lidar2&mcvt=1000&p=98,315,352,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2537007649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658417430679&rpt=1097&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.craiyon.com
URL: https://www.craiyon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 151ms
56ms Preflight
application/json 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.craiyon.com%2F&domain=www.craiyon.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.craiyon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 21 Jul 2022 15:30:32 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1190
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.craiyon.com%2F&domain=www.craiyon.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Ab4QB3x0czdWbWdUSkdtSnN0MFU4Q05raWp0RTNpc21GK0o4TlBzOVFKYStKTnZLQTBXWFgyT2ZORDBhV2M5MnhMd2t4QU9sS1hQMDBDVjQwM2hEa3VHdW9zRU52MldWeEVYd21KRVRkNmtqUW1ZVW5jbWRwUnlOaEZXbG...

339 B
608 B

125ms
38ms

XHR
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ab4QB3x0czdWbWdUSkdtSnN0MFU4Q05raWp0RTNpc21GK0o4TlBzOVFKYStKTnZLQTBXWFgyT2ZORDBhV2M5MnhMd2t4QU9sS1hQMDBDVjQwM2hEa3VHdW9zRU52MldWeEVYd21KRVRkNmtqUW1ZVW5jbWRwUnlOaEZXbG8vcFhBb3YzZ296K3cvdE95RHkzVG52ZEJNd2pJTk5EVmFXdGJXOHlFb2dXZWxLUk5tM3JSc3EvU1MxQ1FzdHhEWEJBQXpOL0VmR1k4VlJFQXJKRHd3aThWVjhQdG51RTJvK2x0SVlQUEtvYW1LYWVHZU1jPXw&cppv=2

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

cb86654cae677b2f5988c6549817da1f3fcb19c39712aac6e307d93ca2aa6358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:33 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4001
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:32 GMT
location: https://mug.criteo.com/sid?cpp=Ab4QB3x0czdWbWdUSkdtSnN0MFU4Q05raWp0RTNpc21GK0o4TlBzOVFKYStKTnZLQTBXWFgyT2ZORDBhV2M5MnhMd2t4QU9sS1hQMDBDVjQwM2hEa3VHdW9zRU52MldWeEVYd21KRVRkNmtqUW1ZVW5jbWRwUnlOaEZXbG8vcFhBb3YzZ296K3cvdE95RHkzVG52ZEJNd2pJTk5EVmFXdGJXOHlFb2dXZWxLUk5tM3JSc3EvU1MxQ1FzdHhEWEJBQXpOL0VmR1k4VlJFQXJKRHd3aThWVjhQdG51RTJvK2x0SVlQUEtvYW1LYWVHZU1jPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1862
content-length: 482
expires: 0

POST
H/1.1 200 258.json Show response
id5-sync.com/g/v2/ 213 B
622 B 73ms
23ms XHR
application/json 141.95.98.70

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 -, , ASN (),

Reverse DNS

Software

Resource Hash

6945e6751835762bb0433d1c9b5cebfc862f82143f261f04d79dcac629228511

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.craiyon.com
date: Thu, 21 Jul 2022 15:30:32 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 51ms
49ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 76839cef88e1c064c01f1423b09acebaa3806655559effb9526c8009fa28fa9a

Request headers

Referer: https://www.craiyon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:30:32 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.craiyon.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 20 Aug 2022 15:30:32 GMT

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 283ms
101ms Script
text/javascript 2a02:2638:1::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:33 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Jul 2022 15:30:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 522B 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvINagzbz6nnbkeIC2Ie1ORLiVk6q_SiVa_gAosC2iD2XelNtutMTYVRCg5NvcH1AGzPHqf96NZsf24RuQvBG5-sluAInB5&sig=Cg0ArKJSzL8KfZ5lgv1uEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=1964084963&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658417431446&rpt=718&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3C7 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq7fVBWBF2nokgaAswJuRJx2ZBzfQSTPmU9doYpBTUiUIyy2ianGvWCsmIVSk3ncz_1ZzLX5-goce6WfbfAkqX8qqxgOTn&sig=Cg0ArKJSzMGEe3_3H3l5EAE&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=2228999106&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658417431438&rpt=732&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:30:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 129ms
37ms Preflight
application/json 178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 21 Jul 2022 15:30:32 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1090
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 18EB 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FE0 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 15:30:21 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 9D5F 15 KB
6 KB 41ms
40ms Document
text/html 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.craiyon.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.craiyon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:30:32 GMT
server-processing-duration-in-ticks: 2694
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js
static.criteo.net/js/ld/ 27 KB
0 150ms
51ms XHR
text/javascript 2a02:2638:1::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb-ab.vntsm.com
URL: https://hb-ab.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.craiyon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:30:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Jul 2022 15:30:33 GMT

GET json
gum.criteo.com/sid/ Frame 9D5F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=publishertag&domain=craiyon.com&sn=ChromeSyncframe&so=0&topUrl=www.craiyon.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.craiyon.com/	1970-01-20 22:11:29	Name: _ga_7EXMWJ4JZ4 Value: GS1.1.1658417428.1.0.1658417428.60
.craiyon.com/	1970-01-20 22:11:29	Name: _ga Value: GA1.2.253240124.1658417428
.craiyon.com/	1970-01-20 04:41:43	Name: _gid Value: GA1.2.1054622783.1658417429
.craiyon.com/	1970-01-20 04:40:17	Name: _gat_gtag_UA_232341591_1 Value: 1
www.craiyon.com/	1970-01-20 05:23:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.craiyon.com/	1970-01-20 05:20:36	Name: sharedid Value: 2214bc1f-8217-44de-9294-cd835dfdeb67
www.craiyon.com/	1970-01-20 04:41:43	Name: _lr_geo_location Value: DE
.craiyon.com/	1970-01-20 13:25:53	Name: _ym_uid Value: 1658417430582189647
.craiyon.com/	1970-01-20 13:25:53	Name: _ym_d Value: 1658417430
.craiyon.com/	1970-01-20 04:41:29	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 04:40:18	Name: sync_cookie_csrf Value: 1183602777fake
.mc.yandex.ru/	1970-01-20 04:40:18	Name: sync_cookie_csrf Value: 2484952364fake
.adnxs.com/	1970-01-20 06:49:53	Name: uuid2 Value: 6605175168084564116
.yandex.com/	1970-01-20 13:25:53	Name: yandexuid Value: 5753699121658417429
.yandex.com/	1970-01-20 13:25:53	Name: yuidss Value: 5753699121658417429
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 48571751658417429
.yandex.com/	1970-01-23 20:16:17	Name: i Value: 8R/L5fIcHwVi5uQOBxhtA/BvBmSvHu/KnQLspE5DvYvT3TXPM3SELBOU3SdDMB92tf6M8FsKGZesD7+Wk3ZxPWy+Osc=
.yandex.com/	1970-01-20 13:25:53	Name: ymex Value: 1689953429.yrts.1658417429#1689953429.yrtsi.1658417429
.exelator.com/	1970-01-20 07:33:05	Name: EE Value: "73ee2d526b6336741ac0faf45f8e6a7d"
.exelator.com/	1970-01-20 07:33:05	Name: ud Value: "eJxrXxzq6XKLQcHcODXVKMXUyCzJzNjYzNzEMDHZIC0xzcQ0zSLVLNE8ZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6IhfXxUUpaQyLSopPBR8U2AgArewqSQ%253D%253D"
.go.sonobi.com/	1970-01-20 04:40:17	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56129\|YtlxG
.rubiconproject.com/	1970-01-20 13:25:53	Name: khaos Value: L5V6X2MH-I-8M4P
.rubiconproject.com/	1970-01-20 13:25:53	Name: audit Value: 1\|hLZGFuTafB148ceCT4EmxrU1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRv4S5ZrURBbJuWAmMysaorW2I1AQazitbyYbB5SW5XQ3Xmyc3hVLiuyma+WVcS1g3g==
.doubleclick.net/	1970-01-20 14:01:53	Name: IDE Value: AHWqTUlYmUqRYk-Hieq5xMCCnnqumjBajxuqFHtjEDZdHkq7AVB5hrksCjG5HLGuLfI
.prebid.a-mo.net/	1970-01-20 13:25:53	Name: __amc Value: 2_1658417429_1658417430
.twitter.com/	1970-01-20 22:11:29	Name: personalization_id Value: "v1_0MxEIHLPBbkRTIKB3YjrRg=="
.adnxs.com/	1970-01-20 06:49:53	Name: icu Value: ChkIt76EARAKGAIgAigCMJbi5ZYGOAJAAkgCEJbi5ZYGGAE.
.craiyon.com/	1970-01-20 14:01:53	Name: __gads Value: ID=3479a71c1e7594ec:T=1658417429:S=ALNI_MYyh8uXfzo6TFrvdN3unHZfo-foWA
.doubleclick.net/	1970-01-20 04:40:21	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 06:49:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMfUc+u!]tbPl1M>e)ZlrFUfJ+tGXxpCGPoW_^%qbP_(e'rS-V']<%9)HaaTVF>X*Lm3If)y3KL9D3I?+:CpzF<
.casalemedia.com/	1970-01-20 06:49:53	Name: CMPS Value: 5152
.casalemedia.com/	1970-01-20 13:25:53	Name: CMID Value: YtlxFuugwrAfzLHfXd2Y.gAA
.casalemedia.com/	1970-01-20 06:49:53	Name: CMPRO Value: 1128
.yahoo.com/	1970-01-20 13:26:15	Name: A3 Value: d=AQABBBdx2WICEBqQaOioCEOe16Px_r-SGAoFEgEBAQHC2mLjYgAAAAAA_eMAAA&S=AQAAAp7KGJfFr0B9pEk-oywpgrU
.analytics.yahoo.com/	1970-01-20 13:25:53	Name: IDSYNC Value: 18yl~2653
.spotxchange.com/	1970-01-20 05:20:36	Name: audience Value: 0e39c79a-090a-11ed-8295-15758c630406
.casalemedia.com/	1970-01-20 06:49:53	Name: CMTS Value: 1173
.360yield.com/	1970-01-20 06:49:53	Name: tuuid Value: 98e51ed7-3701-4bbd-9b8b-fb515d3f332c
.360yield.com/	1970-01-20 06:49:53	Name: tuuid_lu Value: 1658417431
.adfarm1.adition.com/	1970-01-20 06:49:53	Name: UserID1 Value: 7122848629276670095
.bidswitch.net/	1970-01-20 13:25:53	Name: tuuid Value: bc57944e-1373-42ee-919b-9aee78f6ddef
.bidswitch.net/	1970-01-20 13:25:53	Name: c Value: 1658417431
.bidswitch.net/	1970-01-20 13:25:53	Name: tuuid_lu Value: 1658417431
.mathtag.com/	1970-01-20 14:06:12	Name: uuid Value: 063d62d9-7117-4e00-877c-f0b7ff5f9536
.mathtag.com/	1970-01-20 05:23:29	Name: mt_mop Value: 4:1658417431
.simpli.fi/	1970-01-20 13:27:19	Name: suid Value: C0CC416328A64A9DA8EF75FE42F43EB4
.3lift.com/	1970-01-20 06:49:53	Name: tluid Value: 1749903480860442628939
.travelaudience.com/	1970-01-20 14:10:31	Name: _tracker Value: %7B%22UUID%22%3A%2202699CBF-29F3-42EC-9FC2-604BA204F10C%22%7D
.ads.avads.net/	1970-01-20 14:20:36	Name: av-mid Value: c2834f98-f12a-4530-acbd-684c07a4de0f
.ads.avads.net/	1970-01-20 05:00:27	Name: av-tp-gadx Value: 1
fksnk.com/	1970-01-20 04:50:22	Name: AWSALBCORS Value: ei91mNF+VjqB9Ypc2dRT7PPYqwB4UcnCM3oFWaeETQvho+FTFqsCyA1zDfNXhYnbiSItGQEVL0UV0O67mm7LRnQ//Mi33yNusTlLnLGpdbSUYoZ0M73lY6KoYz52
.fksnk.com/	1970-01-20 06:49:53	Name: f_001 Value: 0D039D7D679D3DC1
.fksnk.com/	1970-01-20 04:41:43	Name: g_001 Value: 1
pool.admedo.com/	1970-01-20 13:25:53	Name: tuuid Value: 4e545074-d393-422c-b6f6-c0a282b7a543
pool.admedo.com/	1970-01-20 13:25:53	Name: c Value: 1658417432
pool.admedo.com/	1970-01-20 13:25:53	Name: tuuid_lu Value: 1658417432
.turn.com/	1970-01-20 08:59:29	Name: uid Value: 4068825629083261198
.yandex.ru/	1970-01-23 20:16:17	Name: yuidss Value: 4684329941658417432
.yandex.ru/	1970-01-23 20:16:17	Name: yandexuid Value: 4684329941658417432

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9706.nQ6fS7BtXvNNWqMtToa0DpU7df6IEkRpps-E2ZyVi_mtyC9mCosCL7wmtUqob9DMzUtNVSdRWe1nVTXoDYQnKg%2C%2C.XHDoeWQ22e8HEze9XxX68c7Vbc0%2C Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 100) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cdn.besafe.global/globalpassback_970x250.gif Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.craiyon.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.craiyon.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5c917db24c9ad3d3b11fae4e5267202c.safeframe.googlesyndication.com
a.c.appier.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.avads.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
an.yandex.ru
analytics.twitter.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bidder.criteo.com
c2shb.ssp.yahoo.com
cc.adingo.jp
cdn.besafe.global
cdn.doubleverify.com
cdn.exelator.com
cm.g.doubleclick.net
d1oykxszdrgjgl.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-ab.vntsm.com
hb.vntsm.com
hb.vntsm.io
i.clean.gg
ib.adnxs.com
id5-sync.com
loadm.exelator.com
match.360yield.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mydmp.exelator.com
onsite-tag-logs.apps.nielsen.com
pagead2.googlesyndication.com
player.avplayer.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
r.turn.com
region1.analytics.google.com
rsms.me
rtb.openx.net
rtb0.doubleverify.com
rtbc-frc.doubleverify.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssc.33across.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.venatusmedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.craiyon.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
gum.criteo.com
104.111.242.245
104.18.18.126
104.244.42.67
13.32.99.35
141.95.98.70
142.250.185.70
142.250.186.66
142.250.74.194
147.75.85.234
151.139.128.11
169.50.137.184
172.105.221.29
172.217.16.194
178.162.133.150
178.250.0.157
178.250.2.131
18.156.0.31
18.198.69.109
185.29.132.241
185.86.139.58
185.94.180.125
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.254.244.112
2600:9000:21f3:4800:8:455e:4a00:93a1
2600:9000:2250:fe00:0:1651:6140:21
2602:803:c004:200::140
2606:4700:10::ac43:2483
2606:4700:20::681a:8a9
2606:4700:20::681a:ae5
2606:4700:3037::6815:8fa
2606:4700:440e::ac40:9c1a
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:58b::4469
2a02:26f0:fb::5f65:580b
2a02:6b8::1:119
2a02:6b8::90
2a05:d018:d29:3601:8fa7:badd:b745:6d42
3.33.220.150
34.149.20.76
34.95.69.49
35.158.225.181
35.186.253.211
35.190.0.66
35.205.207.25
35.210.53.219
35.244.159.8
37.252.172.250
44.196.105.178
46.137.141.240
52.28.203.152
54.170.63.46
54.192.99.123
54.192.99.67
54.208.79.216
54.65.22.125
76.223.111.18
85.114.159.118
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
00ff5280d2f74d2f07582c57906d940a065eb692ae0dd93680b86269eb0887d4
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0a309a80d394c9710e00faab70c292548c4a9cd29383d7618456509fa40b0882
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
112ba58942b5ad66722fb6a34c7f9186fd97f1eb1744c8ebac3f88269a517dae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180d300fc1e929b5b055e098eaa9591a9b57555b2386e3db53a1b5ff190e79b3
1939ab11a008bffd50d8ba6c1ebcb7f6d2c397c5d1754de106933d414b5a3840
1a4e3695c4947f5d9bfcd14c3f8744568fd9b55a2a5a49fafa7046b0b4c1f84f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
267ef2031e101edcfcaf0355146089133ae212da2dd03a72b6d62753bdefb731
272baa20add9a849ff6f3ef3c259c7122a403d57589daad354e5db1fbcc5e9d8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2e3730d64dbe564ca21f9bf9d2a6491abd7d9df953f0f7d505f938feb9983003
30e42b6310354da915ae65d70890d85fe97d24e91b822b1714fe59f08c16c3b2
31d3f736f8310c4b46d9254b1732d63335b310c1010a297d385275a330088bac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38cb1337be39aec9a4a20a936dd9c3d536ef127b8b44c5be87619aba23a18d5b
40c201460bfc3121e10458dfd5bab251f01870a4a5ec37e0ea41a741c21aba29
41d1252e90d53314316a796490d710498ebf87319ae5e1e2866df42f39811e30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510de752c8f00c6234d5e4cc27af50dd1d7afedbdb70ec49ff8e67d1a28f4e39
52b28d404d91d345dcc919d0cb679ea11f9e9a6a93b565787b6c0df71c004da0
54703d809fdcf3b2ba1e5a8da44783c9c4acbe231dd858d3d4b2017a5c366f68
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5606f4fc187e4cd05288abac15ad3de1dae44f6840f55ee66c8903371d7c762b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4aeeed716fd4ab49ff01d437362c102d922b9f91e74bacd30a95bbbd644ffd
5deced519f325874cb3fc94deae7bc0176c606ef9a1f2583cb3c28ab095c9e77
606b653e044eec1c58df51edb317bfbf23dc156b164f0a53ee89b7c11dcf984f
607350c04fd978469d932bca76140d588294bb3103e9240115b2cc127ffe06d6
6083b89f281e28a284b0fdcaadbcd289c4cac69e05ff7be10d2f164b3f9b1157
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67cf9b4bc639937fbbd4d3e5d1a9a43ebffce2577ff3bb0a9b3def6b4088a68e
6945e6751835762bb0433d1c9b5cebfc862f82143f261f04d79dcac629228511
6a99715ecbe36e37a3c8790cc39c0d4dd05956f59741aae04bc9e7806963415c
6b01967283729d1eb539109dcb67a83fe8aa5e6ff6f844202b52f9eb7186f353
6b27f5036ed872b8e1c2f7849a4467326d9cd9525ec81b02e08d2f64f49485b5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9d91990f54994af7c1ffd9bf512d2cce0edf8de21780e2bd44921da7cdfd45
6df23f8d0f8f4cdc7d6bf10e3c41001d7ac54a60f50fe215545689d3c2480bb8
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
70443017240b034e46ed9559c83dee0ba2a14c92b4a4b5752bd39c50ce598a57
76839cef88e1c064c01f1423b09acebaa3806655559effb9526c8009fa28fa9a
78d8aa00a4effdea0749f3b5a48a3e5967e73c4ce6454d2abd09bc8e3823abbc
81eae7ae9d86647e418c255072f7ebbeae11f3b386fe11e0cf24614754669730
8331d6f436d8d32f5f06685fb130213c6b7b07f599ecd440f188145868a3e7ea
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
84b9ab5916dbea0e9dd1c7cb07cc6e72edec3e93d36b1b14475208ba0f5e4576
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
8a6a7642e2b27f6b563bf2f1018d7298ba409477be78880368d78c4f370b9b1e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bd2b69e1a76b5a131defdd08e456f082a67e960779cfde9f7d2b36d31cdf5d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9927047cdf285f7ff1bf5a7afb0e7297fb5d4a0c29900c2772b51fc24ff62130
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e3575c16a0171bbdf0c7dd2fc09673620f416a275c365bf1ad98d46bf7c0f7d
9e64760d7802c3b98152c8ba9ea87a2ffc111897a2d9e0f109766a4d36bb52e5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
a1780538ffd149498ae3c0cf96bf6b2848963739373e2a1ddfaf573c5f55baa6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a5fa5397b39697c3e64f23693ec690d1a31a027098705c55801aabac94519556
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76f139069a8ed8d88c75f7f99974478c27ca15ae94dc1234f1ffee67523be5d
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aceed150abec05f1efb83cd9071165269c1be1473064338ad81cb6ef4238464a
ad0e24c4a9ac1c60bf0100cf4162bf43d530628862b1ec268312406127986681
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46104f2ab034be9aa29708b90cc3119bab89a7f0f842dd8a7813ebbeeb7ceb4
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
c4d9e9f19d77abc825e24139e5ee0a6383944aca3f7bdb686ff90bcf500e08ac
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9eb739c71d5b440acf62f41ce9daa84fc260711d9a1bfec6c0176bc6167b6fc
cb86654cae677b2f5988c6549817da1f3fcb19c39712aac6e307d93ca2aa6358
cb9b4083f2f4d2d7d5468c9f7dc54d51e3c92c480dad4f947f4893fbec680f87
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
dedd159da6d543418029cde75e61e56f7e11ef480e8c137d0eb2d16f6e129d03
e02a4496f9210143846d675d1c86629f0eb77e59569e51cf03147ca56a37344b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e81bfeff96644ad08801985152088086c7b8a63b9b9cb935d80f0dd2eae18557
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea433e611b2b341925fecc3955435f518f5877ad319c3845b32807a329723caf
ed8b2dc19720cb0dd5baec5b4d103939c37e5a08ec2b8401bc54c543d28c6f1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c491f0b2424bf5dd65b8bea110bc1d07577196c9971607318c029dbd6a714a
f2d5cb608589fef83134dec74035052c4d136305d60e46e09a45b3f6dcbcf977
f6f2f035829a80f0f5091e010ccbca305f6cac9baa6f78ea47050534a23ade64
f9b40ace865c2e0e108667f5cc5a58d287db46100ce58ca1a63aba36c028b84f
fb2bb23b6fecae5ef4dc90967c928b64f388544c6fbcf02e71a8ec9c86e995c0
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fee057d0567d7e5f8841ebdbe2cbf81b6c5e88ca7509682430e9f06e319165ae

www.craiyon.com Open in urlscan Pro 2606:4700:20::681a:ae5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

246 Requests

87 %HTTPS

43 %IPv6

57 Domains

81 Subdomains

63 IPs

9 Countries

2495 kBTransfer

6304 kBSize

60 Cookies

4 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.craiyon.com Open in urlscan Pro
2606:4700:20::681a:ae5 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

87 %
HTTPS

43 %
IPv6

57
Domains

81
Subdomains

63
IPs

9
Countries

2495 kB
Transfer

6304 kB
Size

60
Cookies

246 HTTP transactions
4 data transactions