urlscan.io logo urlscan.io
SecurityTrails logo

www.givemevibes.com Open in urlscan Pro
2606:4700:3035::ac43:d8f0  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.givemevibes.com/mariners-athletics/13983/
Submission: On October 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 20 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3035::ac43:d8f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.givemevibes.com.
TLS certificate: Issued by E1 on September 16th 2022. Valid for: 3 months.
This is the only time www.givemevibes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
3 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 7 2a02:6b8::1:119 208722 (GLOBAL_DC)
10 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
9 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 66.102.1.154 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
112 29
15    2606:4700:3035::ac43:d8f0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.givemevibes.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700:3034::6815:1155 (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
16    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
9    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:10::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5lznes.c.2mdn.net
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
442 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.eu.criteo.net — Cisco Umbrella Rank: 8015
csm.eu.criteo.net — Cisco Umbrella Rank: 8166
371 KB
15 givemevibes.com
www.givemevibes.com
87 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
105 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9943
2 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
160 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
160 KB
5 wp.com
stats.wp.com — Cisco Umbrella Rank: 2622
c0.wp.com — Cisco Umbrella Rank: 6782
pixel.wp.com — Cisco Umbrella Rank: 2521
37 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 933
r1---sn-4g5lznes.c.2mdn.net — Cisco Umbrella Rank: 636341
1 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559
ads.eu.criteo.com — Cisco Umbrella Rank: 7867
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9939
50 KB
2 gstatic.com
csi.gstatic.com
335 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
93 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
914 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2668
367 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3510
72 KB
2 swarm.video
swarm.video — Cisco Umbrella Rank: 155601
264 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
701 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
74 KB
112 20
Domain Requested by
16 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.givemevibes.com
imasdk.googleapis.com
15 www.givemevibes.com www.givemevibes.com
14 pagead2.googlesyndication.com www.givemevibes.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 static.criteo.net ads.eu.criteo.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.givemevibes.com
6 pix.eu.criteo.net ads.eu.criteo.com
5 mc.yandex.com 2 redirects
5 cdn.jsdelivr.net www.givemevibes.com
3 c0.wp.com www.givemevibes.com
2 r1---sn-4g5lznes.c.2mdn.net
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
2 mc.yandex.ru 1 redirects www.givemevibes.com
2 swarm.video www.givemevibes.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com
1 ajax.googleapis.com www.givemevibes.com
1 www.googletagmanager.com www.givemevibes.com
1 stats.wp.com www.givemevibes.com
112 32

This site contains links to these domains. Also see Links.

Domain
givemevibes.com
wpastra.com
Subject Issuer Validity Valid
*.givemevibes.com
E1		 2022-09-16 -
2022-12-15		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-09-27 -
2022-12-06		 2 months crt.sh

This page contains 13 frames:

Primary Page: https://www.givemevibes.com/mariners-athletics/13983/
Frame ID: 94DCF560769CB50B800946C504D7E75E
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 4F9E690B10531F536897050A1891CB21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&adk=1812271804&adf=3025194257&lmt=1665894462&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462286&bpp=10&bdt=803&idt=242&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4974037918427&frm=20&pv=2&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: 87F013EB8C6F0AED172C9EDF67EFCD69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Frame ID: 5B8EA7AFB01F4711EF4A55ADE97D9216
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 944D9ACE936CCBC1D3D1D43010C12BD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 114F07FD77B7B13AF905A0BBECB2B9B7
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Frame ID: 436E12D84C83272E22D1D6AB360FE430
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8FFE3F031D1C51688CF0FB993A7829FC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3B324BA6F91395F00578F9926DE87C40
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html
Frame ID: 98793816E1486DCBF29700E016C9E75D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA0B71B039D25319CE5DC6D7DB105FDA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js
Frame ID: 15AE13679943D41F159CE5D3B1956243
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C9365DF35987D75C2E5A92F645DA8D47
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – Givemevibes

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

112
Requests

97 %
HTTPS

79 %
IPv6

20
Domains

32
Subdomains

29
IPs

4
Countries

1925 kB
Transfer

5613 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9792.96lwOiXJftjEUYWmXFnsqMPgxzmCErtrlHplVxWd2zWppqmh4ZtgwnN1dRpOR_EV.lG0R6iyvFpZXg5rjPR9yMBv9Kpw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9792.XeN8Jj-P8Te5zInnx-295vODkFh_gKj3Y3ujU_JTJJCnzfIs2PyIG2G09y_wiRU6wmLqfDqoi7bDrYHmJRPctw%2C%2C.OVKvK-0rr3klAOWAmrEXSRGzDFg%2C
Request Chain 48
  • https://mc.yandex.com/watch/83496901?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1491581122857%3Ahid%3A245035994%3Az%3A0%3Ai%3A20221016042742%3Aet%3A1665894463%3Ac%3A1%3Arn%3A629438245%3Arqn%3A1%3Au%3A1665894463621233948%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C81%2C96%2C3%2C0%2C0%2C%2C41%2C0%2C434%2C434%2C1%2C379%3Acpf%3A1%3Ans%3A1665894461292%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665894463%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1491581122857%3Ahid%3A245035994%3Az%3A0%3Ai%3A20221016042742%3Aet%3A1665894463%3Ac%3A1%3Arn%3A629438245%3Arqn%3A1%3Au%3A1665894463621233948%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C81%2C96%2C3%2C0%2C0%2C%2C41%2C0%2C434%2C434%2C1%2C379%3Acpf%3A1%3Ans%3A1665894461292%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665894463%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 97
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 103
  • https://gcdn.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/260B465F3ADA17B53C364A31E1449C3E376FEEB4.6B3393CBF013F660A11188EF2D6A44C0B1C16F15/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E34C8A1CE6EAC1F4E0FA9B7EBD78FE222ADE54.1D7B1D6C1A64474FE4E69E44FDEBC38FE082C3F6/key/cms1/cms_redirect/yes/mh/Lk/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lznes/ms/onc/mt/1665893721/mv/u/mvi/1/pl/29/file/file.mp4

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.givemevibes.com/mariners-athletics/13983/ 		68 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70bda0d6007953a35d63768be1b413b309461f6b5a8f0e6c3ace6fa7813ba1fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
75ae0b1fb8f191ea-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 04:27:41 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.givemevibes.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs5LAlqEPDlQEjy5dC0VepBw7Fk%2FpbvxR3GB0aF%2B1nB5fpLsEcHdfs4Rhs7%2F7vOQX8pRl7Ysntqow8cpOI7TBIlAp0GK1k9e%2FlvM5%2FOtPjGtpEb%2FY5d7gTgXO%2FNUa1DPdfy8%2FnGgfB5V6xUofUvpp7%2FU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
8e86b79bb3c029fafc3671d62aabda01.css
www.givemevibes.com/wp-content/litespeed/css/ 		69 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/8e86b79bb3c029fafc3671d62aabda01.css?ver=c674c
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae463704d8ed8b862c7a339119a83aec69612ed10d99875e395c7348ebdb3cac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1142d-634b882e-1fc708;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLH9c25epXaXholUWPV%2FGcIrwhwobrOah%2BxUkKAMGnPZIwXVZM4Q9DEoKGur0Q3fDb1PIF%2BWwgyPZnNogj4xXDv2hUUYPbPUZHlSuDIiScL3cn4CXiIkGfB5dIgv1Nq%2B5nbEBMWclueeppqDWWvCUbc8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699591ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
e9ba4a94b5fa45ab861f56e2913024d1.css
www.givemevibes.com/wp-content/litespeed/css/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/e9ba4a94b5fa45ab861f56e2913024d1.css?ver=024d1
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15b53-634b882e-1fc7c4;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnbDqPwoDAytPF8%2Blb0z7WiIEZlYfYypGGDtvgbuUJOhngz87rgW90cBa35soHomGrHGi2%2F%2BKkm3IAy11oYbT8RkT5%2BWFREh%2BrLYFcbyR7dlpAkei9LVCSH93BqyjvRcPM1CW6vzRkt1ummBbkKEcDXk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699791ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
ec86f90cc2c17c54fbba7d6116f45586.css
www.givemevibes.com/wp-content/litespeed/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/ec86f90cc2c17c54fbba7d6116f45586.css?ver=45586
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4f23113e81b19af7503f478d4050d71f74555533325f312d8730708b064153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c9a-634b882e-1fc7c9;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fFfml4CBSGqAkhc3RMyaMX6N0dciWx6aaKQgPUK4%2BvFFDu3144gnAaRHDCwdlHPjuXCBZ%2FWYeCgVAGz43H%2FM6lVk05Ur8LHEJgIuD1Cv%2FU29CoMLIovDIv3E6%2BqTjLPXExvt0KwICUU8xIHhO16PN2s"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699891ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
ee43da24c6313b4acb6763172b3dc6af.css
www.givemevibes.com/wp-content/litespeed/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/ee43da24c6313b4acb6763172b3dc6af.css?ver=dc6af
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"105a-634b882e-1fdce5;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbsJMu1R9ajU5kNP7HMj1Cm8EaRWNmAeR3hlwZOPkeAt%2FN8xhY9Y64UYj2DTaW%2BN3X%2BTKOSWPZDIXZ779KuWy9biswbZlCjHOXZWjoUkPiWSMVTkmdDncb8%2BDRgozQw%2BAvRIGYSHIoEdgEv1BlKC778d"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699a91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
bd2f0749224d8c3cd77d5397153f04f6.css
www.givemevibes.com/wp-content/litespeed/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/bd2f0749224d8c3cd77d5397153f04f6.css?ver=a6d64
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69533ad5d487783e19c1f034e9ddb042a7faf987e37545e6514bbd451ea10328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8a8-634b882e-1fdce7;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzac7gfQfnfcoiP75kda2%2BTukNOQ26%2F7ygRXY4KL0fmaPlHC5GeQ62gvoDTX%2F2hqlnVGOxSo4kwD3Jh3B4liTq9Az1Qk%2BoYGow%2Fl7p6rkIAJBR%2BSZgfZRbU2coX7qnlXcps8kFZ%2FJeKlBqLtrLJ6J1fa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699b91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
186b966615fa49d6617a92fca5828abe.css
www.givemevibes.com/wp-content/litespeed/css/ 		882 B
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/186b966615fa49d6617a92fca5828abe.css?ver=802dd
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"372-634b882e-1fdcf9;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sAv3ptxZsnZUMbw8gqo40xyb9yuC6owCqOgoQKzVycBICT0XtMrubu9Vn%2FQXY6ke0gsG%2Bzec2vR3SesF8NdLRcRDegdCd8euVXvtuQjkFwn%2FcQmOVATLQgEktzW9yAKwbp34IeTQm0D3B5wfZnmxJRY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699d91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
7774da2b5df501ef439ecd94124497b8.css
www.givemevibes.com/wp-content/litespeed/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/litespeed/css/7774da2b5df501ef439ecd94124497b8.css?ver=497b8
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f360f910960c86fffa05e031405facfd6747640412fa387f829eaf68731548e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 16 Oct 2022 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"14ee2-634b882e-1fdd08;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZJly4o8s021WPRCHDX%2FVjTTmnaYHzD27XFgidKQ5NINbT5aHZObpxO3GTX%2FeVrgQae%2FG363YUPOq1Onlyv7%2FkovxmwmkErsKy684xC%2BSlAGrZSR3eZjpMLV2NsJ1iGI2OSFgP8w%2BA5A7cG00t%2F2Y91R"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
75ae0b20699e91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
givemevibes.png
www.givemevibes.com/wp-content/uploads/2020/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.givemevibes.com/wp-content/uploads/2020/12/givemevibes.png
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be378896e7fcdbf42fb1fe30125c234a673e6db7243204507e2a8a5795ad611

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2832
last-modified
Mon, 12 Sep 2022 19:09:56 GMT
server
cloudflare
etag
"b10-631f8404-13eb3f;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9UguetE5Fvz7WCB5FNSnn%2FlZFeSNEBXCGwepmJV2WongmLX5qtDWOTMb7d%2BgUOdqAcnskHlXKBR%2B0dgUNKqheST1co7Ey4L1IGUjMxjsqjNlfFoIN1yloo80ze2NvkiHcsPewdvjQVZz4N52DBuIje9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
75ae0b2099d891ea-FRA
expires
Thu, 20 Oct 2022 02:37:50 GMT
rocket-loader.min.js
www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNqNzp%2Fq7%2FWozaX7orPUeupYjrLW1nLnq3vmkhuBIpkqhozPIdANJ70%2FTikASOfKevNfaaDDV73S2uHKrZ1mNC2ZJnjV7IRW7f9P9fSF3EyOcHGnoCLFS6JMQIAGSVxErz3lUUtVBGpeosPPhcy%2FFuBp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75ae0b2099d991ea-FRA
expires
Tue, 18 Oct 2022 04:27:41 GMT
e-202241.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202241.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 01 Oct 2023 22:12:30 GMT
index.js
www.givemevibes.com/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Sep 2022 22:48:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2fb3-631fb73c-29cc77;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW3dyE6atuB79ChWSwHd0OZtHnT3QmNs17hPjcqgtotSFCopshs1n9YBtVeqgrIJhsRMdkb4eNau1hIKOxiIiR0HHQrv3FfHoAnuVy3xoHNx4BXeuyHle6IbNdfDRPO60msV0hwV7YZX9r0lMkbCVOfq"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
75ae0b218ea2694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
index.js
www.givemevibes.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Sep 2022 22:48:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"25d0-631fb73d-338d19;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb9OU7atenzZvk%2BCsRcxvfxfzmrARRLAxSG%2BaNpbGqxJYr00kK5pBfkU9u8stNHzZp3KkiPCWgB0J%2BlOIggzQr%2BhROy07wfZN8rDqDBohLaiUuhzXoqQn1yG9tJKvNfA%2BCfhqVU9eakrM5O7nQpQN1lK"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
75ae0b218eaa694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
photon.min.js
c0.wp.com/p/jetpack/11.3.1/_inc/build/photon/ 		685 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.3.1/_inc/build/photon/photon.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Oct 2023 04:27:41 GMT
style.min.js
www.givemevibes.com/wp-content/themes/astra/assets/js/minified/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.2
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4073c72b720b3645c4e7e2e57b81b450cc658b65908013057a0bc9d158cf457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Sep 2022 22:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"289e-631fb707-338bb7;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsDukXmB2wKMSmyT7n41NXWKZeUxsdRsokwypNQYeukNcSjiFaAChGx7cvzESgWhkYyBl0P9ZjHy0FkTg9cjVW8CCSXj3cQo1S2CcOSQMGGpbLD5PMNL4FHEdUaMkxk5cy0ZeLg6FQqcluaQJKYN1a2T"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
75ae0b218eab694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
js
www.googletagmanager.com/gtag/ 		208 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7GDHT1MRVD
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94ca494b3ae63e9eff5f499a83c94b52961c6ddfd4e78d29dd71120eebdfa430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74835
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 16 Oct 2022 04:27:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97fb1ffd149bde4d964c9cd61fd29976295542e4aca35c4b89dbb94e2fe82a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54438
x-xss-protection
0
server
cafe
etag
17101824104417846852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 04:27:41 GMT
clappr-pip-plugin.js
cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr-pip-plugin@latest/dist/clappr-pip-plugin.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f17f1066b4f9a1988dd0c711d9cbdbda333315463dfd49e7cb1beb2bb515981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24653
x-jsd-version
2.0.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"dfc-K08E5xkmhMvQd2dwLgQBEkVYPOw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QRSEdLLanNQwBPd39IlyumKRYP%2Bjg8RrFB%2Fwf3X3tikluoi%2FEzPjuG4g%2BUBSlTrAManoyW17y2S455D%2F0oAE4Nu8K890AAvsy%2F4gAAqa6ikMtInHt9h7TurXZgbGnCHRNJhUFrc%2BfssJYgQJE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75ae0b221970925b-FRA
clappr-chromecast-plugin.min.js
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38885
x-jsd-version
0.1.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL0rj7mzeas2%2F6iJHrJOXDAvQWq8HQiOHGsu5Yc%2B6KNpd%2BLJ4pGcuO4MT7rNcg2T%2FbPW6j0tnqfqIbFn8%2FbbjphBofaE7YWBqLcJtukEjYNRyMywLenDf1IzoopTczSIBIx7IVeDMm23GPYUw04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75ae0b221974925b-FRA
clappr-responsive-container-plugin.min.js
cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr-responsive-container-plugin@1.0.0/dist/clappr-responsive-container-plugin.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b81d724d1fe7f1f452cb6d3285be5a960939255e425bb6a7bec3db4dc20915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3404693
x-jsd-version
1.0.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19132-FRA, cache-itm18821-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"a36-HIpJYiEHHCGTei+SnZfGpqpzQtA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEROQtV2xUwiHDVOfvH9BTqTFRhTODSapXKhZPtm2Vrl%2B9ZVsK1PkD3xBaGZDrp%2BTlGUepx78q2F9I%2Bw6g25YVyIorjeA9MUtsow921JGXWpadR5N62gW8alWsIGWqew9%2Fywjnt8s%2F2gmelZL8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75ae0b221975925b-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36603
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-itm18844-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuBNRxPfBPBF7Vv0PS3APtHPkE%2BNt491HIERIYMtAtBP2VD9qzc8h0d%2FyFAa6CtnUpiDoiRUyNFTyLlys4%2B2SnNaSI32StXoHEdLMJaq1pIkqLjRprh%2Bg2zgJLsxoYkB7dj928U0NLc%2Fx1w43dE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75ae0b221976925b-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ 		513 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21872
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FxGDpwdzWleakHUhbDRVgrIU1PZsPiTgexjuVPgo%2F5v30TPuM1wwbd6gGpTrLTlA2pxZxzAC6qKEHM%2FNmac7z03b%2F0%2FUTUK6aqyrzmWHdvsGR6mw%2B1ja%2BpwX19PrYBO0DlaETZ9wLLAkgJI2xk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75ae0b221977925b-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Oct 2023 04:35:31 GMT
pawas.js
swarm.video/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/pawas.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cda0b2c6178595041c7d307054a87e06a1b6279c882a90d889af0bf462e793ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
200587
cf-polished
origSize=535722
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 01 Oct 2022 14:55:00 GMT
server
cloudflare
etag
W/"82caa-183940b1da3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sY%2B7f7MI%2FN8HlUelVqcnXZcs7DZli2xuNntj7ukqoYlEBX%2B5Dr4C6FDgSWMKxFBlT340RasyvRc8wFhfqxL0A3GhP5zKA8OhRHiqkT7EC3fOp7M%2Be4c%2FSxBZJHGOkTfNTLTPpze5UFLNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
75ae0b2218a99bef-FRA
jquery-migrate.min.js
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Oct 2023 04:27:41 GMT
jquery.min.js
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Oct 2023 04:27:41 GMT
astra.woff
www.givemevibes.com/wp-content/themes/astra/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer
https://www.givemevibes.com/mariners-athletics/13983/
Origin
https://www.givemevibes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Sep 2022 22:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1680
etag
W/"ce8-631fb707-2f98e2;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2EQ4vGgRJoTyW8At068TRIQjQU5r49sCCEHbNauXUx400qafMwWoStqYWDxa6ZOaYb6PDC%2B309Tsdw%2Bq2tMxS%2Fq4PH%2FOxwHBuQYoOTptxpgNKNxWy8PF%2BYSN4n8UI2OlhrNKjLL7oy4vtV%2B30%2FmnhAE"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=2678400
cf-ray
75ae0b219eb5694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
www.givemevibes.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.givemevibes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d8f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/mariners-athletics/13983/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Sep 2022 19:09:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"48b9-631f83ed-11df38;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhTN12q39xhYSgrtEc6pWhOHm9g%2FJrQvnl%2BpCXPy7wmROKY2cYr37LZpalwz48vEnSKg%2Br8RDQOtYxzHBhPZ01%2Fg1URu9485faQ8ukGEnz5nYw8CXRjNrsAXZ4gv3I4%2FoP4usXkhaeVG0EW66qbKSQhu"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
75ae0b23483f694c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Oct 2022 04:27:41 GMT
pawas.js
swarm.video/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/pawas.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cda0b2c6178595041c7d307054a87e06a1b6279c882a90d889af0bf462e793ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194363
cf-polished
origSize=535722
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 01 Oct 2022 14:55:00 GMT
server
cloudflare
etag
W/"82caa-183940b1da3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXoqFZVnmtXQspLBCyTlk0krqREysoarq2ZbLHJO8HZd32WELwLNtJjHftXtfPitxqEyocd7VdhKUS2ryWzb0j%2Bo0K%2FMYGGEhfWd6RZsVxRKlgME2XIS3xMi8q41dYqasem8sd0EfGmw3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
75ae0b239d1c68f7-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95f71d9cd210609ab7c482ec736aaa81fb422d4bf21103d43bfe0e7ae5429352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54440
x-xss-protection
0
server
cafe
etag
6621688864728488524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 04:27:42 GMT
tag.js
mc.yandex.ru/metrika/ 		208 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-11dd4"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73172
expires
Sun, 16 Oct 2022 05:27:42 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 		352 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d0a745c04b4ed7d10c4c0738376f7b836fbb4be20fb84a2004cb6473813f3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118619
x-xss-protection
0
server
cafe
etag
13463075182954564459
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 04:27:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 4F9E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Oct 2022 10:20:41 GMT
etag
9671129459699598864
expires
Sat, 29 Oct 2022 10:20:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7GDHT1MRVD&gtm=2oeaa0&_p=1020295262&cid=159506724.1665894462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665894462&sct=1&seg=0&dl=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&dt=Page%20not%20found%20%E2%80%93%20Givemevibes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GDHT1MRVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.givemevibes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=78821520&post=0&tz=0&srv=www.givemevibes.com&host=www.givemevibes.com&ref=&fcp=417&rand=0.795640424381538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 16 Oct 2022 04:27:42 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
cookie.js
partner.googleadservices.com/gampad/ 		397 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.givemevibes.com&callback=_gfp_s_&client=ca-pub-6074512008324795&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2ef907b35d4f97819ccc2adbb3245ac375a8ef20e27f533cbe63032f6315294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.givemevibes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.givemevibes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 87F0 		245 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&adk=1812271804&adf=3025194257&lmt=1665894462&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462286&bpp=10&bdt=803&idt=242&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4974037918427&frm=20&pv=2&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1de0beac3f13370c458669e0306b407984473c63274ea9e177e42ab8c61f0e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
67329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:43 GMT
expires
Sun, 16 Oct 2022 04:27:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272af40a2725422bac9ce8ac4062641a257ccf1742a9d9b0b6f868e4a6804910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11369
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5B8E 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
518eb693565ab4ed64b56e7ea1f2aff378442a4bba3c484b846b66e1c3517db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9890
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:43 GMT
expires
Sun, 16 Oct 2022 04:27:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Oct 2022 04:27:42 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9792.96lwOiXJftjEUYWmXFnsqMPgxzmCErtrlHplVxWd2zWppqmh4ZtgwnN1dRpOR_EV.lG0R6iyvFpZXg5rjPR9yMBv9Kpw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9792.XeN8Jj-P8Te5zInnx-295vODkFh_gKj3Y3ujU_JTJJCnzfIs2PyIG2G09y_wiRU6wmLqfDqoi7bDrYHmJRPctw%2C%2C.OVKvK-0rr3klAOWAmrEXSRGzDFg%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9792.XeN8Jj-P8Te5zInnx-295vODkFh_gKj3Y3ujU_JTJJCnzfIs2PyIG2G09y_wiRU6wmLqfDqoi7bDrYHmJRPctw%2C%2C.OVKvK-0rr3klAOWAmrEXSRGzDFg%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9792.XeN8Jj-P8Te5zInnx-295vODkFh_gKj3Y3ujU_JTJJCnzfIs2PyIG2G09y_wiRU6wmLqfDqoi7bDrYHmJRPctw%2C%2C.OVKvK-0rr3klAOWAmrEXSRGzDFg%2C
date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 16 Oct 2022 05:27:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 944D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Oct 2022 18:27:14 GMT
expires
Sun, 15 Oct 2023 18:27:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 114F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11673fdc2c9e14514a24a6d4290fa8cc61eae78f146ca48c08aaa0ad6949082b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CEebjinWLrKezKUU-1fiyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-CEebjinWLrKezKUU-1fiyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:42 GMT
expires
Sun, 16 Oct 2022 04:27:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
pagead2.googlesyndication.com/bg/ Frame 944D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 23:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16062
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 23:00:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 114F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=1476696772949637&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 944D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BiP_vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
1
mc.yandex.com/watch/83496901/
Redirect Chain
  • https://mc.yandex.com/watch/83496901?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3A...
  • https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%...
420 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1491581122857%3Ahid%3A245035994%3Az%3A0%3Ai%3A20221016042742%3Aet%3A1665894463%3Ac%3A1%3Arn%3A629438245%3Arqn%3A1%3Au%3A1665894463621233948%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C81%2C96%2C3%2C0%2C0%2C%2C41%2C0%2C434%2C434%2C1%2C379%3Acpf%3A1%3Ans%3A1665894461292%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665894463%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
88492752782f1c9bf1b13a9385515bb02f45ed4c8c1c0f3bddb427368878aeb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 16-Oct-2022 04:27:43 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.givemevibes.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Sun, 16-Oct-2022 04:27:43 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16-Oct-2022 04:27:43 GMT
location
/watch/83496901/1?wmode=7&page-url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1491581122857%3Ahid%3A245035994%3Az%3A0%3Ai%3A20221016042742%3Aet%3A1665894463%3Ac%3A1%3Arn%3A629438245%3Arqn%3A1%3Au%3A1665894463621233948%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C81%2C96%2C3%2C0%2C0%2C%2C41%2C0%2C434%2C434%2C1%2C379%3Acpf%3A1%3Ans%3A1665894461292%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665894463%3At%3APage%20not%20found%20%E2%80%93%20Givemevibes&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin
https://www.givemevibes.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 16-Oct-2022 04:27:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 5B8E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 16:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 16:18:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 5B8E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 18:55:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B8E 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Oct 2022 04:27:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5B8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9k3mPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNcBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQw-or9BOVO7CL4UzlUWdeNsIOdYbY3c2KF-kGn_RpBWePjipNd9O2ABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYwNzQ1MTIwMDgzMjQ3OTUYAA&sigh=XbL-jki7GRg&uach_m=[UACH]&cid=CAQSGwCsnQUxPnR9AIH_cVaALIvIhSzKKJOK0hVxzBgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 16 Oct 2022 04:27:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 16 Oct 2022 04:27:43 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5B8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RLAJmAKdg2ICAgAAAKmMxAB6VaB9ED2IS2OQfq7pdMeOv5HNjwASAAA&wp=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
285011
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 436E 		148 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89487b3111bdcd950ccb7a22e90475931f3b05dccd18a922897fd7b6ed9f1025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bx48Wb9mW4ptUQtQR6yJQyM2UiQHxCRwUoadiVHXw9m2_eel7VQuv709tNRc-EF-IVin9CDzcVzAlrSnPkXnJlPEfiv4cPwelY9tOdsZtqCLYvSPLKG9wUCyGjVsKEtjg14xjIkLTOK23REi7tfVu4FJgdB3CPy4hYlnAiVtEd9zu4sikPT8yKvM62P8lcqgrRjZyVJBOqi1YVtZO-DySdNhFpp1Oa3VJ-F-J6eLhedUccRx_k1Ee7fWvYWCbnbq_CKcpw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
81282193
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 5B8E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e1fade6e87f2e2997eb5bd65648d0fe7903779b220e87a7945bd2503285b545

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba3a1929e55c204bc2cf97749951671c11d771851e8763d5136a79cb55a3876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55056
x-xss-protection
0
server
cafe
etag
14372384515468315927
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 04:27:43 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 436E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 436E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 436E 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 11 Oct 2023 04:27:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 436E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 11 Oct 2023 04:27:43 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 436E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VpLsa1pK7UNOzZVT8RZfYtdX4rD0Z9BlHSpmfNiPRVGSWXaSg-wACugdQPJxi1_7HuZzmTeUr-1Xrfw30BAcLQywELIxjVaPdAz49fni2pINizBcUYmwiGnGeh9lMy7Dz3xhpilasmbmF_TPw5KFREk9GSd8KwI-bAlsnzutlAfXgkrNveiUMZvEFM63iEh27duPYoqweWmrlL808IhpO5W0vpI1i4T-Fg_9EQPpZjvIknomrWsO45p0A1994T6-WZwfUrqtUE_D7JU0neFvAI8O0GyCXn_SkfE_SIJzg7ZaeDnH6YrMkwDAJoyMcgqn7WVm4x-3Mbz2vPaS6Z_Rj3wsMZqWz8f-eqhWQWxt_sLqT1Mwa0Z78xGw8FPGTnyl2zC3wpL0l8GTWl_6bRalgoV1-gkgQx2EubcX9htvb2qUc5Z4
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3047279
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.givemevibes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.givemevibes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 8FFE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 03:15:20 GMT
etag
9671129459699598864
expires
Sun, 30 Oct 2022 03:15:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 3B32 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6074512008324795&plah=www.givemevibes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.givemevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 03:15:20 GMT
etag
9671129459699598864
expires
Sun, 30 Oct 2022 03:15:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 436E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
893194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8IvXlibqBRtMbKbcTik1YwcWMieqiZ480NbB2Bs%2BBJRCAbtm3DQvwdGy2W2lBYL5Vt%2FhNdbveUTi5UL%2BRhgOQstrEF8CjssrI%2B4EF1zLBSYBXdCPsOPqrP1Xx2rZBdzJmt%2BS0BUivCqbXa7d84i5IBd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75ae0b2e3b05909c-FRA
expires
Fri, 06 Oct 2023 04:27:43 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 436E 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 436E 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
animejs.js
static.criteo.net/animejs/ Frame 436E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=528&s=SlEhcr6dpg9UpySdZteNiKzO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1748e380e58e4c6d01eea93af415d54921710dfd690a05d311550fc5cf3bbd11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29199523
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
73251
expires
Tue, 19 Sep 2023 03:26:27 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18263402-96fKFitm.jpg&v=3&w=800&s=iHbT2dVjhQAqkcfTneHjZU5p&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
185d692f70a5b00a4cfcc1962906a9c86408266ec441d7a301714bb2e672030e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=302160
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
112324
expires
Wed, 19 Oct 2022 16:23:43 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		117 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_empty.png&v=3&w=400&s=HCkNB75DWEjI5bLAq3adbTY_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26759073
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
117
expires
Mon, 21 Aug 2023 21:32:17 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19180157-hN6eHA8S.jpg&v=3&w=800&s=B_D6MRw1GeW1KE726X_SHrzd&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d862000c172f3ba7b9e42b0c984424fa7a1b31bb4a9de6e37333433e5407580f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=387704
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23530
expires
Thu, 20 Oct 2022 16:09:28 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		354 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=jBnWN17oJ5tiMqvOBZjs9kr3
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29227055
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
354
expires
Tue, 19 Sep 2023 11:05:19 GMT
img
pix.eu.criteo.net/img/ Frame 436E 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17234144-MX5Vi9im.jpg&v=3&w=800&s=XypyvNxl7z4Ek2CGLXuK5d9C&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
984de5ba33171f5f7f176db4b811d1ed884e04a17c05eb87a03cc247dfbb7ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=207466
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
68700
expires
Tue, 18 Oct 2022 14:05:30 GMT
all
csm.eu.criteo.net/ Frame 436E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bx48Wb9mW4ptUQtQR6yJQyM2UiQHxCRwUoadiVHXw9m2_eel7VQuv709tNRc-EF-IVin9CDzcVzAlrSnPkXnJlPEfiv4cPwelY9tOdsZtqCLYvSPLKG9wUCyGjVsKEtjg14xjIkLTOK23REi7tfVu4FJgdB3CPy4hYlnAiVtEd9zu4sikPT8yKvM62P8lcqgrRjZyVJBOqi1YVtZO-DySdNhFpp1Oa3VJ-F-J6eLhedUccRx_k1Ee7fWvYWCbnbq_CKcpw&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 16 Oct 2022 04:27:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 436E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 436E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Oct 2023 04:27:43 GMT
css2
fonts.googleapis.com/ Frame 8FFE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 03:20:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 04:27:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 8FFE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34047
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8227
x-xss-protection
0
server
cafe
etag
5516984893510486959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 19:00:16 GMT
schwankanal_banner_728x90.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/ Frame 9879 		24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f7cfff83aab65582550f5e2b860de630e83f4afb91b4b38dad99f9fdbe3b5f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
175149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5117
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 03:48:34 GMT
expires
Sat, 14 Oct 2023 03:48:34 GMT
last-modified
Sat, 17 Apr 2021 06:02:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 3B32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuGqfPohLY76yKZG33wOepKSgBP2Jg8NoptvetvQGpbLpz8gCEAEgp8n_Z2CVuomCmAegAd-K2sgDyAEJqQIsygHyi0-wPqgDAcgDSKoElwJP0PabTigOFJhnvmcrfxSJD2q4yv45ohHb8l9EYgkYFMFGfAKM38l8NpdGFBDc7LxfibD3k9vqdrxkOsAN99wiHOXdEKGQ7kcuucw8DaaS19M-X13caTmUuUeBmEjUsRXUsbS8AMW8hyYOffhQZs5lx63spWvja2kWlOQJPw5PYLF4JS5j2iwkCWWcC1iUrRQsqprDuOs2qVjrHrpenxrkZKSnpauvny7rr_NGwkirTJ0gUXtovZCDZwuvekkQo3lHPVQGcqS6Qu3-ijF7j43QON3YjonMXU6fMl_77aLFOpC_jq9wvr7PIWvVlAGximMtOL5JCDXT0xWM2x0KjF7-bfCVCMps7Fu0oKmuZvOjCH1n3wkiuHLABOmWrMjXAZIFBAgEGAGSBQQIBRgEoAYugAeJ9aU3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQwJk90ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNjA3NDUxMjAwODMyNDc5NRgA&sigh=DOhb4iQGUIQ&uach_m=[UACH]&cid=CAQSGwCsnQUxKBa3ptu-iIPWEhm4B1VXWNEp-o1oPhgBIA4&template_id=419
Requested by
Host: www.givemevibes.com
URL: https://www.givemevibes.com/mariners-athletics/13983/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 16 Oct 2022 04:27:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 3B32 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 07:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 07:23:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=1476696772949637&bg=!goGlgcXNAAYeOJy_Pjg7ACkAdvg8WoMqzrrcn4UZHNsrPh0rd3TywYCT-VTAPOMvhZn1lSolDL0qPQIAAABmUgAAAARoAQeZArJxo1JmtSVXZ3z8H4F-4Yk86_N3RYZezL7VbHtI1pKP9Aw1U805uizWVu9gpPC-_RKlnRVaCghYHlGssnyENIvVbth5UORtS19IBPq1WaKAiRCvToJzPcNnaOkqIORXGTl5J2cXNw8echo_t5Sj6ptOAuY42YwDRZFFj0HshoGQipL4cAAY4JNWXDlB3nVglnJZ39WLnPucfS8qalBo140jwNmJyQdi_PGgE_Zbi1vqebvYSw3VGg643sxGIudwHUIAfGZRtWHk42HCf4KmEq1Orbw1X_V93MaxvSYsJrm_y49MFVYhugZH4uiQo0663yCHnOoVuf-x-CZyBfRXMOWJT4WHA4NXUZVNzSdcRLLXcO_6dL9hE6glwL7awQvC-Ak5MSewNtLKsC63Fu37YUqCpqgvr9j0hD0nxdOIp9hhF9Cj5MfCXBwCZf6uLGjfKdh4xuQ79P2Oly7cHQoIMFF9kMGDRuFdSwgP6ksGL2FW36dcKRbSLhxi1a3_8IQ-mayg4-0buW99Cql1RmkK1fUytEyiIB-ZVEGNgSgNZjD3goErl7RJTOAQ4dqlmW4oh-sPuANnldnJf8OfpunUyUHBeBsDhA0pCl39FM3Ksr1ZxkU2knrOIdoBnJpKQDMeDcyaUPhMbCSI74Yci_ZtLYhB-FOy411CZDn1vHuE1WJC5ZHkHPGLFnYH2TFCqdph1sU-mLawg7b6O1XBCb32cDv3VpFsfUcwvr3ynlJ8Nyluaefj6utX9zbAQcz1sjvrrVjIM3H5MUnzkennh_2SHwxqgBhOnJDnYZdNprpphFZmWh7uvJiOkFW7QJcQ7mtWTazX7I2pi_emqKoULYKhG0th1MfHcHVvhAE3AHV8G4IbiVYmhudPZeWQX7OA8NMTn7FokpbjpcyQTWZp3N_4iWvmfCU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9879 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 16 Oct 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9879 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 16 Oct 2022 19:53:06 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BA0B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 3B32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 16:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 16:18:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 3B32 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 18:55:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B32 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Oct 2022 04:27:44 GMT
truncated
/ Frame 3B32 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c070fe2fb2d1d09cd097a502cf0c6ba4190ab76a4483930afcf819396a2f31a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 15AE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 07:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 07:23:42 GMT
css
fonts.googleapis.com/ Frame 15AE 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 04:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 03:20:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 04:27:44 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 15AE 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 13:23:35 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 15AE 		359 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127092
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 13:23:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 15AE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Oct 2022 18:55:11 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BA0B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:44 GMT
expires
Sun, 16 Oct 2022 04:27:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 04:27:44 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
pagead2.googlesyndication.com/bg/ Frame 9879 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 23:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16062
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 23:00:57 GMT
csi
csi.gstatic.com/ Frame 15AE 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9aujv97&c=650880220798&slotId=325440110399&qqid=CL3Jub304_oCFZHbdwodHhIJRA&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CLwOFPohLY72yKZG33wOepKSgBMfvk-lsq-_M-c8QhIjgle80EAEgp8n_Z2CVuomCmAfIAQWoAwHIA5sEqgSaAk_QTLWgHClChYhkBvWDlj6MOm_D7Q2lnpQsVNtvJTdqbioGv5-_QkchdtwgcnUvMMJGXtzjMENLnTwhOZx2TYla-gRJ9M9rhw3hTMxFQ2eO7ZV2kOTEwQtSNnp2MJfsH7nMzpWQcZF4Bqbs9SatD6mCqcA37MAYHBg-f4UqOqnAW-LL78gY5HuxpH-yFOCvR2XeSfUDFSsnsiqQ_w19hPyXnZCrh7A6M3z_UBXFmD-MKstVCFl_VtF3oznGawKv57pdyPp_ikxxYxxBDN4fx8K2q1WEy_tEROe8RnPF0x8QZc2VW6VtmozBOE284ffAuXRW1KN0bPfN-dAMOdB7l3uGT7osAx1KaVTNOgTPsTlu7BwMPQp9TcBQ_MAEtoyS2p8E4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATxN_tEMgTxJWc4QPQEwDYEwqIFAfYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1665894464262&ai=CLwOFPohLY72yKZG33wOepKSgBMfvk-lsq-_M-c8QhIjgle80EAEgp8n_Z2CVuomCmAfIAQWoAwHIA5sEqgSaAk_QTLWgHClChYhkBvWDlj6MOm_D7Q2lnpQsVNtvJTdqbioGv5-_QkchdtwgcnUvMMJGXtzjMENLnTwhOZx2TYla-gRJ9M9rhw3hTMxFQ2eO7ZV2kOTEwQtSNnp2MJfsH7nMzpWQcZF4Bqbs9SatD6mCqcA37MAYHBg-f4UqOqnAW-LL78gY5HuxpH-yFOCvR2XeSfUDFSsnsiqQ_w19hPyXnZCrh7A6M3z_UBXFmD-MKstVCFl_VtF3oznGawKv57pdyPp_ikxxYxxBDN4fx8K2q1WEy_tEROe8RnPF0x8QZc2VW6VtmozBOE284ffAuXRW1KN0bPfN-dAMOdB7l3uGT7osAx1KaVTNOgTPsTlu7BwMPQp9TcBQ_MAEtoyS2p8E4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATxN_tEMgTxJWc4QPQEwDYEwqIFAfYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 15AE 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C_JcRSZf0MEL7HVmC3Nc3KOmowqMCnKx5YECq_F3OFnXsShpV1ONcp09OTKUP5Nrf-kZVZjEgavOxyyfhkkC-A8gtUDA&cry=1&dbm_d=AKAmf-AYQLqDfQEN9esO23qEYN1zcd20tPYPm7UAWeNdHxI2HPY4OrUj-CRdqCMqafuYacqLcY_m0P9pn706wZVKwlkUfl-iosISRoqlrp5dsfbzWURM7IYfKwVMUcz9A3JelvCi6k1KuBxRETMJpQxCgAeyAfKq0gijojs-RuOE4mnsv-lN8gnE5tAypgbIbeTsazSz04hV8fJ4AmB0xRXVI5ueUXpGx6CaAg5zmEtUTgzvjNgO8wbGuPJOWdmVvr-ZFO11LXrnn5O_rWwA6vmz-BOM_MOc6afqZvk_z-H9ezQbOSdVSadhKoRrNK5ZAvVXjU2yy7UlKeIchJ5jKoN1lSK-zhGxzsVrYtizbmnQnORiArJow1KjVWF9OOI7Alh7wfGHIC29HVoarDwTJ6QbFVI4GNATlvDpeFSeNUnpYM2k-FAJATC1Je5IKsX19HY-VRzHR__A7itutgyGy-cpSjV6PPnQfmESGfrwysURT4PLQle1J-nbR47MK_oWfJU4cPLEUBUVDkQyTBUa2wexcAfvj_Hl7jC00iFzkWJcnfwmlKr5IlmBkaYTK1fjoQXj2a6-DEKCpOgiRmUaX1IJj6teJolZypR78eFo5b0X76bnz-4_sm0T4CPtR8VYdEHejOPbYUhMby0bEcuRc8lXPPMi4vMcCL8ejPkwWdKnuHLyYFCiWSUdIc8GiNlW-CHU2KxlFdJteEeCO4bJYYw6BBqlJ6QtaK-tx9mM8OKCncxMB5aCcNQftDxfklESHzxRGRpukqbym3czGzy8NAtyHNx6jvUlNHR9c1621-2fr-Smo8Rp0biVzq53kG7GqgVeXSC1cXLsZzOC8Fyg5lJsUdbzn8-lK8aB9D8zSDhhn4euQw3lhmsk0SGQEi562m0tLs8xSITd6HsJuJ-axsl8CzircbY-1U6C_efD_oQ6ckt7XvcmhqtXDwWegOJEvrexwH5k6LbHKmEtX9Fw0eXu2UNMCiIFXoowZzFBdh28YQOY1nvNaxJZHW-SCLJ1is3YGVq1KzwaS4wIfEgdJ3RkkdkLDpTAT3znWBqgicwanOA316PxoUID9a5awYrkxHT8QsnrJ4x77fm0ee2c8Y4iXR10Z5FeLRbMp7wMp7F8O2N_IKyhKJqs1Lm39Wv_hv8wRIp_-iugPR950FAiur9bGjs6hg_J4_Otzn0KnF0wlhiVBX5lxiMUGm5SYWYD7ulQpAdsXbTZ5HhLpLJnJmhfvTCUv_4tfQRWuNzoG0HrQ32-3a1QJPfzfAxzhlCTyiHf50WgxL3P9NDttyddGxF3xcpCzaqaV--qyLeIqmMzA6a15sy9XFlLX7Q04PlzaQiswVWijXOpcr_uKbMICnGcKTxkHzQcUn_rvQ13RwnP_CP_7dFdop0Gvaeg5zpnHrdfcb9AzMjn7d8BJFrP8JlDi0mOvRIkRj5C51TfoClzQWGSa5WEva7A-t3sjzOJEIi3Nl4GxsAnr6eX4ngC-oEJBHPadD_Z4Lqs7wpmSxVto6ARVsTeJozmrLzl_-hrZqejjyBCCxLZyy2hf3YaWaununcbw6iVoEOdAirF1Xc5kM4B8pzoj2ZXrWLwuEE-yrCyuLfKpQeH7ccjoHsC8GmRSw5HPItOC08_q-MB1qH6PcnGki7vrFkMa5Lzv19l9YoO6lNxaqYwzqG7-sc2bjk4uPz60SatElFi9bPmOGgq5A_JajEp1qb_E8HbLwufbg934rxdyywNuBbZt-Sj-i97UD1ryTQncS_JSp4yt0y2Wr8QEjlqMNjIG_LAtddfYfQGZfGhmHjDN3XfrwLRwtNFkhz_PBB3nAVul58WTovfVPqmIWyK3nlRK5rT4nzi0xyVUHExSOwe65Kguy7CaLtgK4r0EeyStjZLsrXsCQvqi5Lfg3WvjwLNdGuVIjHfx7ClYcbxZ9DEjPbSWEJcKBayXDXu0RWtTpJIvmaNccQ2COV7bkrKzY3nMmSlemaaGKGBBixzvyScelhbFiykpoECCY3nFl3kvcID89rmQj6sHXi-FMBaFTicRoXipB98cUc2bfVBdsY-jWAobqxG9agUGgbRnaMVdyQg-_Q_hazo_FzWS64mB7datT640EiQ_e7qwR7RB9X98Lj1EZXYA0Ph6CBkYzZ1hz9u1uvck-Av_HGm6DK241SGY8iTB1Kg8GvQ1eeMMm7wrwRGHT1Vn5oeqol5xOVrcYHS1_nnwjyRlkoiV4a_XDO47k_A1fsCSBX0zjQ_lS2190zMoiLWIx0C5ofNpCTVgxXtC4Lbddq9AKipoxpBPEEVx4S9mYvYfvrm7_Mg5UYrJE6ZspO8CBj-uqcO_303NoHJ9hKB3S4pogI-R7p1pOEh6k5EP-X9pXQmuU-PWn1vXIVEVWl_k3Ti9as4UyV7yN8XEAuUGzJONNQaldvJtIPqly_qT201skNWbJ3205q6Vpv0iN-5OiYhU3W8bfhBKUDKh9Emjq_GnYvxr02tLjmlPpTtHu2LJmY2GKjX6owAISJ4Pf0J0BClneVE1dCn5klMOtpmD5Slq-YGkZW1saF9YEZ7Uvob7seAn8kSWvFxN3gVUAllb4tEP8emrYDf_amQv7x6yctr9R1vAl-gOOO9ZEGMlZkriTlnYDIgq-wGGwwnvi8AYhwU68c-bVZhoJlJPmtDr2wZNC9Z1oZVArUsqEjBaIdQwylCT7s_X133_iric-L21GdCZVSF19vfqvaV6vNhpaYAJCNiaCWBJjrA1jdZGr3li5znLgXgKbGMAdc950UXZEKhNvNy9ZO5Ho4CIzZbELNm8CKQqKvqmwdn_hApKbTkWKcmmkBZpX2w2w0RuUgTPK8Sb70NKIYIidPBYmtzF-j7WhhT-LrhWdjCDpcdgzhPKUiyH1d5xiMqZTEEmiir4Q61cbgpdXHxOXeocWdHKiG_14HPBa3Nnr7wWZBQzW9atvXPy1spSAHa-7haN2sY_4FSvJZ9eyGacAgdPRg0VdVU-GadtfmGET4ftf_U9FOWFaEBkKhDnSW_HV9FQ-lKnANxhA-1PmS0fEX_ViszSimF4XtvaPDy_7sC1JIO3aB6pMZMfzjL2_jQmq10KtJ-tPlc8F_-NTeu_rm0lAxyetFVZH0E6_I-EfrCPRS712WFM1CTNj0Ho4wl4ISAEVFW8dOvEmrlcWdzvJj0RVfujxtSJLAx9-tzvK6d64w5uusS-xUcoHL-KkAc8F7DC4zW1UZPoLLk8JjIYs9ILRGfTfGRot7O9JB77dHZdgvsvAXALufSQy9_yuEY-ch-u3EK_TMKbvdaY-aLO7sw0usV1F-tbnv-MaYr6m8f_hrYOkio_bHgoFfS-y0SGnA4AXs3ojLzWD4Ve2QrNFlMYpq4yMcvrgu2yY3w9Kk2BUkMDpM-EE0EUfQSZ8tecyuAfwttIRBVbqUbNT2Mt-ZBQREHbwjIGnSvBbW3iLDuyxzoh3HkiHH7l02ekqyQfxYhVDc6CEXHeMzEtagU6Dh3bCD-u09zi4xEgoqrUAA8BqVPC7U-c3fauXYjvPRrD-zlf3R0FhpoH2wTgV4UKwYcaAflH-B_t5qeDvIesIUI-HS1l49T6OIpHM0O7IEdNRIJSnLJuUWJYWiccSKVQ2W-EqGFc6PGlt9qpODkETNd8xQPuxXyrclbK4a975aoh5AMLXBCEgMd7jMIOtxoFieEJi9rpY2TFPrm1PGbtDYA0cOGSSR68m-QFHLOzy37n2ZJjddohaaJavlgekLpYCFQOf1fYSOwNeg6ZoYshpuVwl4U9kTL2l57bsXLp2Mk4YKyYHIPSQgim6dieS0o8h3QtD3kS0EkDWDuvz6bbvYgLj2h3aEYHtEApag25tZsmjC3DMjmkFUchOdpNxpzrUD_R-9lkdJs-X36HbpOvyBznf1_W1f_W2DiS3T7hIkLubXHpGSgB_0zOUP-XJz3X0vQLXa-cBlvJisXx02u2oGosjHqqnJoo7kdMsS98xupkC7Wd5_7Yi8ZOJ7cbLmQrav1Bpmjl-GEqsPIV-BxURCT0M9MOrbBN-_ugaeTlyQabwUqTymNpDHvSMR_kKl5KkEwo2hbC2v15fQT5kNvVusY0v2OYJut3JJm6Nkju7e4BelJ1xPJgyJQ-Ehblr6IMbSiV52KfZXRwY1IQXdVKkg&cid=CAQSGwCsnQUxKBa3ptu-iIPWEhm4B1VXWNEp-o1oPhgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
77f68aebe5e6d0e0ed3152849c64ca3b312b78baeb45d9afaaf93f9015366dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16161
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 15AE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 08:58:19 GMT
file.mp4
r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 15AE
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E34C8A1CE6EAC1F4E0FA9B7EBD78FE222ADE54.1D7B1D6C1A64474FE4E69E44FDEBC38FE082C3F6/key/cms1/cms_redirect/yes/mh/Lk/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lznes/ms/onc/mt/1665893721/mv/u/mvi/1/pl/29/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:10::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 04:27:44 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
8065375
Last-Modified
Fri, 07 Oct 2022 12:51:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 16 Oct 2022 04:27:44 GMT

Redirect headers

date
Sun, 16 Oct 2022 04:27:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E34C8A1CE6EAC1F4E0FA9B7EBD78FE222ADE54.1D7B1D6C1A64474FE4E69E44FDEBC38FE082C3F6/key/cms1/cms_redirect/yes/mh/Lk/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lznes/ms/onc/mt/1665893721/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame C936 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
297483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 17:49:41 GMT
expires
Thu, 12 Oct 2023 17:49:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDTAsICTTriKwCNyWLu1j3_62SsOY6uwKvr7sfx1y8gJ5-JScS2nPMORjHYsK7wA4IFiGVSX_hB_l6P4D1OL9GrFc&sig=Cg0ArKJSzE7poS5d3-uREAE&id=lidar2&mcvt=1009&p=0,0,280,1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=840479260&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665894462571&rpt=962&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
pagead2.googlesyndication.com/bg/ Frame C936 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 15:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 15:14:30 GMT
all
csm.eu.criteo.net/ Frame 436E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bx48Wb9mW4ptUQtQR6yJQyM2UiQHxCRwUoadiVHXw9m2_eel7VQuv709tNRc-EF-IVin9CDzcVzAlrSnPkXnJlPEfiv4cPwelY9tOdsZtqCLYvSPLKG9wUCyGjVsKEtjg14xjIkLTOK23REi7tfVu4FJgdB3CPy4hYlnAiVtEd9zu4sikPT8yKvM62P8lcqgrRjZyVJBOqi1YVtZO-DySdNhFpp1Oa3VJ-F-J6eLhedUccRx_k1Ee7fWvYWCbnbq_CKcpw&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0uIPgAKYZAKiwRJAAD0mO8ExZsXLLYuNmrd6A&u=%7CxCHjDxYVNmb1u7%2BfFCdYwG%2BshB36rpMEAy8GK9bjkh0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x088U6lmxEgIsrkALd8wMaqQPH9Qwh-s45-EZ90X05QIQcS8jtVg4ybUAL0IwbVEsFd9-UjlEQninkOMda0UGso0ZBQya7TfUH1xeDrTUmIvMKw7bwac0gv8bbW-yXrZFz0YOq9UxAbuLm2hYs5-7rdJojjE2FyXf070zwxudojnGZyoiPq49DCKA03lmpdcC1001Cir9LWK-XMnUIvJ6yRexIEaypRtm52DZIsC7lLUzHbYYNfMss2GAj58Z41p5W2dst6EPztefEjHCl2_A8vcenr3UUsdLWRbV7slYnz7wstUSuBy0IN12lpZ9p3PT-CZIUnxJ6joBlczpX80h4q8qjoiV8tszHeRxOeZfbX0nT3z3JSCrJTDpKakj2wcQFqRzAFzyp4MVO_r8ra3b8sHfCUgmoKH1LrUvwrap-s7MSBa1b4fZYvWEZjZtxFJCh-2pcaCxiwfYunYQPADZo7JD2sL2nowhK2VjI3bICGPRHPTWf9Wx0rfWpqPuNyB2cgPFnVPmMVTGLVNS93xjDbag3f7eXVBqAmXL5-kGkMLWMxpk5usdT2-UtreCR3NQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgkZXPohLY5DDKcmIrASY6YOABsme0rFc1Z2R93DAjbcBEAEgAGCVuomCmAeCARdjYS1wdWItNjA3NDUxMjAwODMyNDc5NcgBCakCLMoB8otPsD6oAwGqBNoBT9D2HAfht_qGopn88JR3FJpjjenAxy8_M01HxNhq0rMXrZdlBRIfseIU-nRZKsetgEyi-b8jDAVI0f4ofdJXI7QFIGQyr-kjun_YBtz296ijsRZHp9bWo-ukYdPJKiYE72_VOLdb6vO7uQdbOo4-uEBCbMKaK2hWbOiquDFQZkFwTQKDKt7F9EOFo8IZp2ZQlOsutSPKzBN06ItVpdVLbt2hu_Dag1psKTeqNh_jisQwuIjclmLBcDFHzy33ieorSIqJawA9XXoHTomaW-j-R8_7DznZ51IxSZGABtyKgb2Ag8b3tgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3jDSYD_qVYQrMAc6ykA9QiLdwmFQ%26client%3Dca-pub-6074512008324795%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 16 Oct 2022 04:27:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C936 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BlkzNQIhLY4nrGYHImwfi-rUQAAAAADgB4AQC&bg=!q6ilqOzNAAYeOJy_Pjg7ACkAdvg8WgUtkNd2rE24TDT_caxbjcKm76Qt-iE3l7dDK0f38sgdE8I0dAIAAABsUgAAAAJoAQcKAGKwQMgFsvTE9AlzVFqHcU5mwiXS1gFVJdmlIcUIb_KT9RUFvFcvQJL9CQDEE8wEYCBkOdroae2JVmFj0OTvi8OB4HQNbve-eolfzgWEQnIyfHANy9mPCpJby-mtAF7oEl0c-ZkC_FtBsDoHRYbRJ2KVZ2bd7O4dJqMAjSr2_AO5YvL-Dsd9WEW-w5O8-A9ag03V6-L80hcPcxK3fuN-YtHmDn3zdutdFI9rYdpwBLobpBr_Tdx9A96-zRJPTEy0eH3Ozc1aIaYR6VItP4vqnU9BrO8LpB2hhNWoUCSio7jJCjSEY8gJwvQ31BVvlYMNzBonqyPMnEGBsrNZrU150-Wlon8as7UJYf4TmfIjZCY0f3g-hrta5MPBsFSqNp8xa8ECGILZAInij5L4RSHP_O72ED5EsLsFBHpm83WztDOfbqZ-MTO0NuDmjO8rLZHT7lSCkYo0XfQ9Dd2bvOmFDCSX5CfuT12cHIabSm7f4CMhNTmThiCaVfF8twSgTz5rivWajrPQsfxXwwijTPfIDtLITCP2h-JG9na7PBILeRD3wWN4Bi6pzXjyy98zQqTTWf8YY5dFQxPuK9lqniyjeBUWzs1QUH5Y3wtTWLzIj40aMLoOLBq6zDJSIXR8Gd1DGXSnwPBPCK4n-eaYLDJZBo3Wcos12uXqZNzu55qfoOULKys_N-v2ZdEMr7rnDupP0biISjTCItcz6qf972ODymBKuQ1dAJfHq1yYua93xEbVabdHqT3ZYKdyUvmejAXFHWoIRXpBe2SzwNEPAMfYTU6NwpoOezLW4SZvCP8S7XO3BvqF1-XdSk7mq1VRF5g9peRHRgfVx3y4-gWHX0Tg6N2znA7GLxp3S-dprRKGSg2vgidWpjQiIB2J8TWc-jx00VnWYd3PrS5bOUaZ_Z0MUBvtGI6vHJ8xMO6HdpH9_AFh_EMzXvVdzk0kzXiVXyLbpX28nMzcxZVwujOIXoavALHt2PJKN6kIdPQisjMMHzdz9Xc5-dL4WAJsHaMEJ7GRjplEzOCrDO4sZEHZE8raxfzoCY24ll7ONcklAmfB3ea1vvAO_QeoVGNSgDk5YSWNSMlmhusxf7WekXKJbR8TJsql3z9LFwYlWNY9_oPqlPxDzpw9H62OnzcSDpBrV5pD-ZQM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 15AE 		207 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5lznes.c.2mdn.net/videoplayback/id/d1558a5eab23648c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697430464/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E34C8A1CE6EAC1F4E0FA9B7EBD78FE222ADE54.1D7B1D6C1A64474FE4E69E44FDEBC38FE082C3F6/key/cms1/cms_redirect/yes/mh/Lk/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5lznes/ms/onc/mt/1665893721/mv/u/mvi/1/pl/29/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:10::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

expires
Sun, 16 Oct 2022 04:27:44 GMT
date
Sun, 16 Oct 2022 04:27:44 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8065374/8065375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
8065375
last-modified
Fri, 07 Oct 2022 12:51:46 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B32 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz1gA0cqNXbxorqjRmmNvsRxI3FFyf3kG8CcEocLs3fuY7cYDRAD6lH9hUhsuc9gumoTDOUY1ayeNQiuVFeqLFekHK9E-Z4Dm6fhBfzPYOLXKrbR_P9ieduxfHClvPFdn8XL1vCA&sai=AMfl-YSNEPSvVXoHZm9_XBJYkWHDMcQ6Vj7CwWLvfXohCZuVDKhIhxDrAncpoOsacRto4t_qIGM6sI0SmKzAqL0&sig=Cg0ArKJSzIY6jBl_2p_1EAE&cid=CAQSGwCsnQUxKBa3ptu-iIPWEhm4B1VXWNEp-o1oPhgBIA4&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,948,1000,1000,1000&tos=0,948,52,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665894463591&rpt=585&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 15AE 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9aujv9j&c=650880220798&slotId=325440110399&qqid=CL3Jub304_oCFZHbdwodHhIJRA&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=939&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=8&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7GDHT1MRVD&gtm=2oeaa0&_p=1020295262&cid=159506724.1665894462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665894462&sct=1&seg=0&dl=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&dt=Page%20not%20found%20%E2%80%93%20Givemevibes&en=scroll&epn.percent_scrolled=90&_et=12
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GDHT1MRVD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.givemevibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 04:27:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.givemevibes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| a0_0x5c7c function| a0_0x4caf object| p2pml object| core object| __core-js_shared__ function| require object| _wpemojiSettings function| $ function| jQuery object| twemoji object| wp function| Zepto object| Clappr function| LevelSelector function| ResponsiveContainer function| ChromecastPlugin function| ClapprPIPPlugin object| servs string| serv function| ym object| overlay object| _player object| btn function| dismissOverlay function| gtag object| dataLayer object| astra object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| google_tag_manager function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| swv object| wpcf7 object| _stq boolean| __cfRLUnblockHandlers function| st_go function| linktracker_init object| wpcom function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| Ya object| yaCounter83496901 object| googletag object| google_llp object| google_image_requests

16 Cookies

Domain/Path Name / Value
.givemevibes.com/ Name: _ga_7GDHT1MRVD
Value: GS1.1.1665894462.1.0.1665894462.0.0.0
.givemevibes.com/ Name: _ga
Value: GA1.1.159506724.1665894462
.givemevibes.com/ Name: __gads
Value: ID=0b94ec888151c5b9-22dfe64e45ce000c:T=1665894462:RT=1665894462:S=ALNI_MY7nDBkZdvsS9JfjqDjFKsxKvmNxw
.givemevibes.com/ Name: __gpi
Value: UID=00000b7391e2e350:T=1665894462:RT=1665894462:S=ALNI_Ma-lYao-LWpIkpCLghduMQtVj7d1Q
.givemevibes.com/ Name: _ym_uid
Value: 1665894463621233948
.givemevibes.com/ Name: _ym_d
Value: 1665894463
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 175759079fake
.givemevibes.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3890420584fake
.yandex.com/ Name: yandexuid
Value: 1178139631665894463
.yandex.com/ Name: yuidss
Value: 1178139631665894463
mc.yandex.com/ Name: yabs-sid
Value: 1236803241665894463
.yandex.com/ Name: i
Value: wcnL8L5trVNUTmpXlrtq380CjlgB5Xm60vDVyBcEk8WGPDbYnK2eAoiIhY0jlxBm4zq++xb8mzCFrcOZJbiSYxMtILs=
.yandex.com/ Name: ymex
Value: 1697430463.yrts.1665894463#1697430463.yrtsi.1665894463
.doubleclick.net/ Name: IDE
Value: AHWqTUmcjOH-PBCQ-pSvA80NMPJYP3fHZMrSb2Kvym2uvhmH695WWA8upKniqHibHss
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
network error URL: https://www.givemevibes.com/mariners-athletics/13983/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9792.XeN8Jj-P8Te5zInnx-295vODkFh_gKj3Y3ujU_JTJJCnzfIs2PyIG2G09y_wiRU6wmLqfDqoi7bDrYHmJRPctw%2C%2C.OVKvK-0rr3klAOWAmrEXSRGzDFg%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6074512008324795&output=html&h=280&adk=840479260&adf=4054186064&pi=t.aa~a.1179592423~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665894462&rafmt=1&to=qs&pwprc=9203507082&format=1200x280&url=https%3A%2F%2Fwww.givemevibes.com%2Fmariners-athletics%2F13983%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665894462296&bpp=3&bdt=812&idt=271&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4974037918427&frm=20&pv=1&ga_vid=159506724.1665894462&ga_sid=1665894463&ga_hid=1020295262&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774718%2C42531705%2C44770880%2C31068920&oid=2&pvsid=1476696772949637&tmod=1743122046&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LcLSq53jrf&p=https%3A//www.givemevibes.com&dtd=274
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981249033728919441/schwankanal_banner_728x90.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bid.g.doubleclick.net
c0.wp.com
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.wp.com
r1---sn-4g5lznes.c.2mdn.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
static.criteo.net
stats.wp.com
swarm.video
tpc.googlesyndication.com
www.givemevibes.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
178.250.0.160
178.250.2.135
178.250.2.150
192.0.76.3
192.0.77.37
2001:4860:4802:34::36
2606:4700:3034::6815:1155
2606:4700:3035::ac43:d8f0
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:10::6
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:6b8::1:119
66.102.1.154
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
11673fdc2c9e14514a24a6d4290fa8cc61eae78f146ca48c08aaa0ad6949082b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1748e380e58e4c6d01eea93af415d54921710dfd690a05d311550fc5cf3bbd11
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185d692f70a5b00a4cfcc1962906a9c86408266ec441d7a301714bb2e672030e
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90
1d0a745c04b4ed7d10c4c0738376f7b836fbb4be20fb84a2004cb6473813f3e5
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
272af40a2725422bac9ce8ac4062641a257ccf1742a9d9b0b6f868e4a6804910
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
3c070fe2fb2d1d09cd097a502cf0c6ba4190ab76a4483930afcf819396a2f31a
3e1fade6e87f2e2997eb5bd65648d0fe7903779b220e87a7945bd2503285b545
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518eb693565ab4ed64b56e7ea1f2aff378442a4bba3c484b846b66e1c3517db2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5f17f1066b4f9a1988dd0c711d9cbdbda333315463dfd49e7cb1beb2bb515981
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
65f7cfff83aab65582550f5e2b860de630e83f4afb91b4b38dad99f9fdbe3b5f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69533ad5d487783e19c1f034e9ddb042a7faf987e37545e6514bbd451ea10328
6f360f910960c86fffa05e031405facfd6747640412fa387f829eaf68731548e
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70bda0d6007953a35d63768be1b413b309461f6b5a8f0e6c3ace6fa7813ba1fa
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
77f68aebe5e6d0e0ed3152849c64ca3b312b78baeb45d9afaaf93f9015366dbd
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
88492752782f1c9bf1b13a9385515bb02f45ed4c8c1c0f3bddb427368878aeb1
89487b3111bdcd950ccb7a22e90475931f3b05dccd18a922897fd7b6ed9f1025
89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4f23113e81b19af7503f478d4050d71f74555533325f312d8730708b064153
8be378896e7fcdbf42fb1fe30125c234a673e6db7243204507e2a8a5795ad611
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94ca494b3ae63e9eff5f499a83c94b52961c6ddfd4e78d29dd71120eebdfa430
95f71d9cd210609ab7c482ec736aaa81fb422d4bf21103d43bfe0e7ae5429352
97fb1ffd149bde4d964c9cd61fd29976295542e4aca35c4b89dbb94e2fe82a6f
984de5ba33171f5f7f176db4b811d1ed884e04a17c05eb87a03cc247dfbb7ab3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ae463704d8ed8b862c7a339119a83aec69612ed10d99875e395c7348ebdb3cac
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
ba3a1929e55c204bc2cf97749951671c11d771851e8763d5136a79cb55a3876d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4073c72b720b3645c4e7e2e57b81b450cc658b65908013057a0bc9d158cf457
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda0b2c6178595041c7d307054a87e06a1b6279c882a90d889af0bf462e793ba
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d862000c172f3ba7b9e42b0c984424fa7a1b31bb4a9de6e37333433e5407580f
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ef907b35d4f97819ccc2adbb3245ac375a8ef20e27f533cbe63032f6315294
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1de0beac3f13370c458669e0306b407984473c63274ea9e177e42ab8c61f0e3
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b81d724d1fe7f1f452cb6d3285be5a960939255e425bb6a7bec3db4dc20915
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48