URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Submission: On March 07 via api from US — Scanned from DE

Summary

This website contacted 46 IPs in 6 countries across 41 domains to perform 258 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.102 16509 (AMAZON-02)
1 13 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
21 54.144.13.37 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:1ec:27::... 8075 (MICROSOFT...)
4 20.84.22.197 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
16 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.28 16625 (AKAMAI-AS)
2 64.202.112.191 23352 (SERVERCEN...)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 108.128.215.255 16509 (AMAZON-02)
12 142.250.185.194 15169 (GOOGLE)
2 2 3.122.208.3 16509 (AMAZON-02)
1 2 34.96.105.8 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 37.157.2.236 198622 (ADFORM)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::18 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 185.86.137.107 201081 (SMARTADSE...)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 88.99.63.132 24940 (HETZNER-AS)
1 46.4.62.19 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 18.66.97.96 16509 (AMAZON-02)
2 34.242.207.34 16509 (AMAZON-02)
258 46
Apex Domain
Subdomains
Transfer
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
202 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
645 KB
23 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
35 KB
21 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 453
392 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
27 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
pix.eu.criteo.net — Cisco Umbrella Rank: 7328
csm.eu.criteo.net — Cisco Umbrella Rank: 7422
173 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2174
ad4m.at — Cisco Umbrella Rank: 1742
assets.ad4m.at — Cisco Umbrella Rank: 32740
290 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
276 KB
14 nets4.com
nets4.com
img.nets4.com
79 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
529 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
f.clarity.ms — Cisco Umbrella Rank: 1861
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
7 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
229 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
51 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348
ads.eu.criteo.com — Cisco Umbrella Rank: 7435
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702
58 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
2 KB
3 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 1845
log.outbrainimg.com — Cisco Umbrella Rank: 1961
30 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
5 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
7 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 46354
775 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 48610
575 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 346
949 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2593
183 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
77 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678
static-de.ad4mat.net — Cisco Umbrella Rank: 128562
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 58770
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 51158
2 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
75 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
582 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 37868
511 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
464 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 18240
522 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2828
375 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
553 B
0 netmng.com Failed
google2waycm.netmng.com Failed
258 41
Domain Requested by
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
nets4.com
cdn.ampproject.org
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
21 api.purpleads.io cdn.purpleads.io
nets4.com
21 play-lh.googleusercontent.com nets4.com
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
nets4.com
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
16 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
14 cdn.ampproject.org securepubads.g.doubleclick.net
cdn.ampproject.org
13 www.google.com 1 redirects nets4.com
tpc.googlesyndication.com
www.gstatic.com
www.google.com
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
12 cm.g.doubleclick.net ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
11 nets4.com nets4.com
7 pix.eu.criteo.net ads.eu.criteo.com
7 static.criteo.net ads.eu.criteo.com
7 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
6 assets.ad4m.at as.ad4m.at
5 www.gstatic.com www.google.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 f.clarity.ms www.clarity.ms
f.clarity.ms
3 img.nets4.com nets4.com
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 c1.adform.net 2 redirects
2 tr.blismedia.com 1 redirects ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 www.googletagservices.com ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
2 f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 log.outbrainimg.com nets4.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects nets4.com
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
2 cdn.purpleads.io nets4.com
1 analytics.webgains.io track.webgains.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 csm.eu.criteo.net ads.eu.criteo.com
1 static-de.ad4mat.net as.ad4m.at
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ssbsync.smartadserver.com f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
1 ads.eu.criteo.com f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com nets4.com
1 ads.travelaudience.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net nets4.com
1 253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 images.outbrainimg.com nets4.com
1 googleads.g.doubleclick.net
1 d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
1 static.cloudflareinsights.com nets4.com
0 google2waycm.netmng.com Failed ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
258 65

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
play.google.com
www.tribiecommunity.com
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-29 -
2022-04-28
a year crt.sh
edgestatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.purpleads.io
Amazon
2021-12-01 -
2022-12-29
a year crt.sh
www.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01
2021-07-27 -
2022-07-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.de
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA
2021-05-04 -
2022-05-09
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2022-02-19 -
2022-05-20
3 months crt.sh
tr.blismedia.com
GTS CA 1D4
2022-02-20 -
2022-05-21
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-09 -
2022-04-06
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-09 -
2022-04-10
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-09 -
2022-04-04
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-03 -
2022-05-02
3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
*.webgains.io
Amazon
2022-02-10 -
2023-03-11
a year crt.sh

This page contains 31 frames:

Primary Page: https://nets4.com/android-apps/com.cerdillac.hotuneb
Frame ID: B8C0BA8AB3BAE5F1AD8F32DBC160C88B
Requests: 68 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 63ECDAAA296C5F64A9C704FBE9F82A6B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1128CF2D81C35AA7BCECF5A14F9CB7C3
Requests: 8 HTTP requests in this frame

Frame: https://d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DC482C908D63DC3089575FC18CC36B78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4927282EC49DDA9013A9480486DF7EE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EFC5A7D6275F36483C17A622BD9B443
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
Frame ID: 7724D25AE9D45E8F25233524FCA6E978
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 9B81B25B53B3CDAA44E93B9872B1FF44
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 87E9EE3F4E46BDEB2D0903C671D0E8DE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7B035140C6BD40BCE7C5E6D944D6C9C3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 22A8B2259E719F62026403D80E72647D
Requests: 8 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2YTM4YTQwMDg4ZThiZWM2ZGJhZDU5OGRmMTc2ZjBiN2RkOTZjZmI1NzEyMWY5ODY0YzBlM2MxMDFjZDJiMGIiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 2658EE1515B46B656F1775A10FB5442D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: A0172938BD1C4C6015DFDDC87247BC5F
Requests: 3 HTTP requests in this frame

Frame: https://253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 06C8E2D26C3AE41438481E8A9BCF4412
Requests: 1 HTTP requests in this frame

Frame: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D18C82778601E7575C6E7046FBB18C57
Requests: 1 HTTP requests in this frame

Frame: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D7B23421FA95A777A8F6E18EE3AB17CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1AFBBB0FD70823C2E92A6E2AB833739A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91F822EF2D79B7601BD8A23A92E9615B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD9EED071C789E326D3E6B19A46980F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01960F0568104E522EBC164EF223517D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B88E075D44F7BA41EF9E0BFC7273E538
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F78967BC24C505CDE38DB21271838E5
Requests: 2 HTTP requests in this frame

Frame: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B1E8C58A55E20828606FE8B4C3E83547
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: A7DD938E5C3FB6D7C7A54D46848ED8A0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCF83E7E9A8F3B99EBC58420E386BA31
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 862A7C299919F7AF70768B61A9381738
Requests: 21 HTTP requests in this frame

Frame: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 92603CC87ECA9623FAA26F68BCCAE37C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: AE26060D369039F45117BAF8AC411BEB
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D0315D926454E07C2248CA8FC35C9B8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4F6BF4D0781E407EFE0D54366B90FF13
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Frame ID: D310B92ABBB7CB8A50423D20E43763B3
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Hotune Body Editor - face slim enhancer app - Android App

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

258
Requests

93 %
HTTPS

52 %
IPv6

41
Domains

65
Subdomains

46
IPs

6
Countries

3196 kB
Transfer

7354 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&RedC=c.clarity.ms&MXFR=2E7E45E708D6608F00E554870CD66E7E HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&MUID=26E915873A4B6B93279E04E73B206A17
Request Chain 105
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 186
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi5r9eVKzLzhCbRQQN0g1wxmB5D2gO4WTeormF9yYf1Oyrr_aQpa8PZdNI&google_gid=CAESEPekP4AAIGV0t4Qvs8lw2ek&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWlhR1lRQUFCYzZKREM2ZA&google_push=AYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi5r9eVKzLzhCbRQQN0g1wxmB5D2gO4WTeormF9yYf1Oyrr_aQpa8PZdNI
Request Chain 187
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x00xweil19fb_fTgKnPJDKzkLkO8Lavc1PuZzlD1qro7PxgO3JVLzU- HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x00xweil19fb_fTgKnPJDKzkLkO8Lavc1PuZzlD1qro7PxgO3JVLzU- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWtOUGhxd2YxTnJsTm41&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x00xweil19fb_fTgKnPJDKzkLkO8Lavc1PuZzlD1qro7PxgO3JVLzU-
Request Chain 189
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEBIT9WwHJxbjF45tTDWumg&google_cver=1&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6bjFInrATcwccn HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PdL6ITcsSKOgBtTYIT2KxA2&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6bjFInrATcwccn
Request Chain 190
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP1Ii4apFJdNZru-jypdLpI&google_cver=1&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBIfq6vKZfdfkI-cshVtfc HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP1Ii4apFJdNZru-jypdLpI&google_cver=1&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBIfq6vKZfdfkI-cshVtfc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNjk3MTkyMDYxNzc1MzE3NA&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBIfq6vKZfdfkI-cshVtfc
Request Chain 191
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ21I5vFdpNpkp8l9xHM9U&google_cver=1&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88wBT9tLwovnO9Wu8aluQ3Qq0mLQTg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ21I5vFdpNpkp8l9xHM9U&google_cver=1&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88wBT9tLwovnO9Wu8aluQ3Qq0mLQTg&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02WnVyX2Y1RTJ1SE9yVnhwZzQwWGxjeVVqRWEzMzR0dn5B&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88wBT9tLwovnO9Wu8aluQ3Qq0mLQTg
Request Chain 213
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKoSKUaOv7yrESt4MntmIBk&google_cver=1&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMWHau33cUsX-0hVNdsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMWHau33cUsX-0hVNdsQ&google_hm=8zCYU50kSl2IdgacbS91DgY
Request Chain 214
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENuo_G2gwEmRWXrJ9-LRB38&google_cver=1&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQUzNnwYXFqR9NtVR HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQUzNnwYXFqR9NtVR&google_hm=hmImhmH9oRGSEJVx1Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62268661FDA11192109571D5BLIS
Request Chain 215
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFEW3m5m_r5CrAZ5YJsAbgI&google_cver=1&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_TSrk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_TSrk&google_hm=ODA1MDIwNzUxODk5MTMzMzk4OQ%3D%3D
Request Chain 216
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAASeBDP30NnIKzF-GQ8hj4&google_cver=1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1646691937439 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2cdfe9ef-574a-4522-abf8-81eafa937633-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF%26google_hm%3DAyzf6e9XSkUiq_iB6vqTdjM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&google_hm=Ayzf6e9XSkUiq_iB6vqTdjM
Request Chain 217
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKYXNkNk0qdPzm91ClCK9qo&google_cver=1&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T&google_gid=CAESEKYXNkNk0qdPzm91ClCK9qo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg2MzIzNDU2OTI1ODk1MTM4MzIxNw%3D%3D&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T
Request Chain 250
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703
Request Chain 253
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030723253865247498515X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth

258 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request com.cerdillac.hotuneb
nets4.com/android-apps/
39 KB
10 KB
Document
General
Full URL
https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc10cce0320e806c67f9a94abc89385de32c8fd7621c6bedb8ce6c0ef05441eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Mar 2022 22:25:33 GMT
content-type
text/html; charset=UTF-8
cf-ray
6e86bf657cf13757-MXP
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Mon, 07 Mar 2022 22:25:33 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js%2FH%2BxGzepwFobvSfrKvuS6jwKiYO8W7VFzml6hg9Q1O69av6xISpSyYZ3%2F6ZswXHFKLSFsZEy2dvzSV0yLZ%2BHlqguY98AcyBmzc%2FycYcafi%2F6oJjZuTUIvKbKgtIX6rHi%2BPX4SnxTQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/
7 KB
3 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7458466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z92G2ZE1HMNW2AZG
x-amz-id-2
kRmlxs4Uk6Ans6W39/LiWarHKqNq5cjEv92nMKItZebgN+Nxd7ZAp/ZkZhClaetuHR0YmxVsIG8=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWB2jf2roQmwMyOa9U8tUBq0NoBHyWsMfawstvowjSawoOzLfnNx3DYeX9vGZSTh0m5tbvf2i8%2FHPLkrUXtfMSL485kgjMcuOCvTqEj5ESh8aLCXBMnjaKIeoeqXIeMhGwdQa96byGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6e86bf6c3e493757-MXP
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/
157 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
963223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2twK990%2Bmo7tWVh6yK2WRAr1DSKK7l3D8wzkQYZ%2F1NMbeVVjnpGE3r2zyB8WYuhg33pQ%2F1wMRznjrG7CaFxISOk12M2LmiRfc6AnxP6VXwNtM0uCfHUcIAlC2lmwPcMktfn9Kh%2FCGdn70Q1H6GIxtKB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6c7f85020d-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10287803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yx7lhYBMYh1%2FngWLxiyL29MXAPAxS9M4iUj6iR2ADBrn4HY%2BeFxgPN1kNZnITMDlGYQCit195R9J%2BpB3cJ%2FIgEuf0kp7m06Q0iwYGYlpA0Amc5C4DX2SiBybv7cHiYpQhOcC33hcK8jIrKFA6zacbQN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6c7f8a020d-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
style.css
nets4.com/assets/css/
345 B
574 B
Stylesheet
General
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7086
cf-polished
origSize=451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa%2FbeFOuRO%2BH1DjrUi2GzVtYu9ncEGdEGoWm6ImQg%2BBNDxLOKI8a59wdFgl9nqfxHHjKa%2Bbe6IGg9CE5fFlmpSxzW%2B5s0RqWDxaaB%2BLhr4y%2B6jCzXSwC%2BZUQA9cR7Hqb3vAXayENOmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6e86bf6c3e4b3757-MXP
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/
49 KB
17 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c850bdff99521a7c4a3bb7580427bb9b9d8138d731075a7fe20a8bdff837f9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2B77VqU7ZCBkHDiPQOmDV5%2B3ViaTENwTqfF6gt9s86iFnzkiu0E3tqhXcdEJleV%2FcQaoVMWeZCZwop%2F4WqbwyOZ50%2BxDUWlc5VRNeDZjQHdWRwtveQgG5HO%2B0yytTt%2FLal30lFjnpGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6e86bf6caf263742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/
1 KB
2 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa3103806ec53fb0e95a0b28ca8b6ff105212961406e7074f9e67c1dca13dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7631615
cf-ray
6e86bf6cbfa43757-MXP
x-cache
HIT, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1490
x-served-by
cache-sea4480-SEA, cache-mxp6982-MXP
server
cloudflare
x-timer
S1639060319.223268,VS0,VE1
etag
"stly99L8QVWcb6m8RMUQ7cA4kw:db93d278b907309c379deddbb0d961d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zyAEk6plxZYr7jqbwaa4e0QmGTW60NSBwuDuCMxABXd0cmsefitCyjtUQQ0liYuOHkwo0F%2Bp24rZBUQyM3oYikGghg3%2BGQ2vqJ7pSXImZQrkQWFUbmrhE0%2BGkuc8L0lYEsztm5RWUc5CEpX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://i.imgur.com/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/
472 B
1 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912fa3094520c8407511db6ba89d2896806103a3d91119b6a187d6aaf91b84ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8678812
access-control-expose-headers
*
cf-ray
6e86bf6cbfa73757-MXP
x-cache
HIT, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
472
x-served-by
cache-sea4428-SEA, cache-mxp6930-MXP
st-img-id
6a5af67d3cc36089-SEA
server
cloudflare
x-timer
S1638013122.261633,VS0,VE1
etag
"stlyiP4BjAye3OZ8qlZ7vzTBDQ:452ecb89109de4e1cab9c5348e6f85ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgn3vklFGM%2FzZNohTdEc%2BC5uyDLX8t9A9wTbtdbMfD%2F9udTQltTOWY92v0GQSzTdacZrsUi%2FsJwJ4ZMgEyK2ORgBTfxNl5HMQlZZmTA0PXCs1%2FK8NagdvTprwqK6JF126mGF6GkgbWm93ekV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://i.imgur.com/58T3Wrl.png>; rel="canonical"
cf-bgj
imgq:66,h2pri
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Mar 2022 15:11:12 GMT
server
cloudflare
etag
W/"621f8910-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ%2BS7SBBu1gySF%2BBSy6DrCeXfp8likejX8QQem7XLaW%2BYK8CKf8RT8AO72sdWPGZWAnAciEx4nJS408PshHbAT3oHjhFrApevK1G4M9t1WBDa3ZEH%2FSQFJ3SHc8jAwLDlI3K%2BIm2mcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e86bf6c9ed43742-MXP
vary
Accept-Encoding
expires
Wed, 09 Mar 2022 22:25:34 GMT
o67FGLuASeNVD9O16uBPtjQt0gsS4WXaW0vB2IsjUSiVXVM0c7atbrROMDKVNd5Qbpg=w300
play-lh.googleusercontent.com/
27 KB
28 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/o67FGLuASeNVD9O16uBPtjQt0gsS4WXaW0vB2IsjUSiVXVM0c7atbrROMDKVNd5Qbpg=w300
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dd2c2fb93a45009898d99e3644cbaf3a0825ae726d30c5c0669d721bfafcaa5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27904
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
jdEoyKaj40WCMljIgAJ13-qvjIij-GfBhl_hWRPosG7tV4FkH9MCWL2aPqfX-IFdYKE=w500
play-lh.googleusercontent.com/
42 KB
43 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/jdEoyKaj40WCMljIgAJ13-qvjIij-GfBhl_hWRPosG7tV4FkH9MCWL2aPqfX-IFdYKE=w500
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
60a51a814677c31c3147319e2e35b75011de47e10bb3b95f0f68eae84a63e21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43488
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Mar 2022 15:11:12 GMT
server
cloudflare
etag
W/"621f8910-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7A%2F3opwK7I%2Fcj43p09BmWmNzua8f0FB5WM6LDUytm9GZ9%2BXtrwWojuph76SkAArr8QVsyLsX%2BgpnYIcXSij9T5wNukqJyEnOpUamGIbDdZGJSP5UbCBgBtEVLrrgdJwt%2FVJuR3pZtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e86bf6caf0d3742-MXP
vary
Accept-Encoding
expires
Wed, 09 Mar 2022 22:25:34 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/
2 KB
2 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3757430
cf-ray
6e86bf6ce80c3757-MXP
x-cache
HIT, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4470-SEA, cache-mxp6945-MXP
server
cloudflare
x-timer
S1642934504.494838,VS0,VE1
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVGICOfVHEQ8LtpRpEacUnGwXNdqm31zb%2Ffpc%2BzZ4JLd0aeG8JEw17BW4SYL6eN9PTTyo4h%2BBinnJdlS3EtL%2BA1dyPvLQ9os6JIjteUkC%2F%2BiUQFCLKun2hYcMswc0O%2FJayQSoJzFEt%2FrP27n"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm%2FwzBDE1TYTVwR4ncg%2BNdqPYlYKG6QoY57yLLy3CFxq0Z1eU21dxnwo5LL3c7qcjCtW%2BinhP%2BvVjrtkOzk0m756238yAELr2wbX0G2mcVelpdWUYfUhC5xwDiaoPoOIK7U13N%2B6y%2BYjol6TFyC6F4ET"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6d0b0e23af-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/
18 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13849761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEnZsi76dAeARRVyduP9BzzqR26aKCI%2FZN0og1AW0nH5x0l3KZ2uTlEzrNOXuvcM4Swak%2B4wP%2FwHsTdcQNVLrqSemWwYIX4eeGloASNLwlZNsqPnwSkeogbhPnbfZn8TsfqMNgjYlDF00QpHpRGj15r9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6d4b6e23af-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/
62 KB
13 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
870852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PodjH7UA1IoTqrpELTrv6NbEICLq9d6XGVbjJK25LoEo1ROOLZshf2pOF6GqVgjmVbbcuDABjH1xvZVunj0QoBVEaIVH0fqNy24QIQXUwc3AzCKP0vf9%2Bb8oXaaLZjjZ7bMuvkrBauq3b2iG6DyPwEFZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6d6ba323af-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
sharebutton.js
nets4.com/assets/js/
80 KB
28 KB
Script
General
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6548
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh4DD%2FznRXBMSsc9nVTvXDnCjeR1wGRm%2FPT4pYlEpl%2B8pB6MWo6VWnLcf%2F4Zf7zKAwEVk5%2BVmQFgKp6iVe3zfNhxm9JeMwAHOvm3bsrdzWwRsfMGeSCQnnkSbB%2Fmdm8BoG8VkDZrLsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6e86bf6da9493742-MXP
cf-bgj
minify
agent.js
cdn.purpleads.io/
34 KB
10 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-102.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 02:35:08 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
71443
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
10377
x-amz-cf-id
hwxiuCS8Vke4MUE20kzfO1NZ6D3PhueKrz11qq61nenwBs2cEs0rjg==
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
514712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvIw4wkx9%2FzXsHSmsL1qNvbxD29pFmKMOeR4VmE2sP03S3htEjm3b6jaYR0moatQOoYTJpGfHF2KbFpMuGnEw0%2BtJG2tLP409XFG1bo4ioTZzgRh7WBXBpSUaNKa5%2F4T9OY79tFeBaYe9Rhz3xK273XZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6dcdd2cc4a-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4244152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F2ZIWpyawa3%2FPDrNbOvYusCfN5UaPvv%2BTWUhJRyISns%2FTZJDoSCLgPO8YIz7eZdnGE%2Bfpn9UnbBe8hxP5%2F4CSwPqoJAwdnd1ufoiEXPKSqFUsLGRqBhTuyAwGbAmF%2B1PeMX0TQm5BfEneDwu1UgCCy4"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e86bf6dcdd1cc4a-ZRH
expires
Sat, 25 Feb 2023 22:25:34 GMT
o67FGLuASeNVD9O16uBPtjQt0gsS4WXaW0vB2IsjUSiVXVM0c7atbrROMDKVNd5Qbpg=w16
play-lh.googleusercontent.com/
701 B
725 B
Image
General
Full URL
https://play-lh.googleusercontent.com/o67FGLuASeNVD9O16uBPtjQt0gsS4WXaW0vB2IsjUSiVXVM0c7atbrROMDKVNd5Qbpg=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9807c538d698108558848a943325879604a59e979f0c3caa8288a96cd3571e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
701
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
Lba7X2xEc2LrEAW__frmJybWd9uSvAkG9yMcmFk09KKLEsNwLiEjs6h_Ik_qlESEB6Q
play-lh.googleusercontent.com/
38 KB
38 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/Lba7X2xEc2LrEAW__frmJybWd9uSvAkG9yMcmFk09KKLEsNwLiEjs6h_Ik_qlESEB6Q
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3cba5c4cedc02e0e6d3f4d97493f42936b3a3a21d081f41f21c23390d0efdf4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38936
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
Bi5S7JokrlAOmXqjGbZh60ImSXIXflCeHeiI-fQDqSrLXEvmdzuX93uGUdaVXQy0lW4
play-lh.googleusercontent.com/
38 KB
38 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/Bi5S7JokrlAOmXqjGbZh60ImSXIXflCeHeiI-fQDqSrLXEvmdzuX93uGUdaVXQy0lW4
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
335d0556c9d2a441e297bcac0e86c653eee34df498ee0d7eaa1e8373e24cc8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Mar 2022 10:52:25 GMT
2oJjcxmrSDwkLTtJEZNsWQqFWNSCB_8zFWs_lk-AffFOO-KbUlA5RSX35NbpxDf4JMkp
play-lh.googleusercontent.com/
36 KB
36 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/2oJjcxmrSDwkLTtJEZNsWQqFWNSCB_8zFWs_lk-AffFOO-KbUlA5RSX35NbpxDf4JMkp
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
70546db1799217a411e1e2fadea9566f2aece60713764de7f0d209cb61107688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37133
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
qIIKoEu1PFnNWwLdQqcDWZrFAUdSLC7pefFncOLKIe3VPYgRvjVXiXekB-0wI0ByM_Hf
play-lh.googleusercontent.com/
43 KB
43 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/qIIKoEu1PFnNWwLdQqcDWZrFAUdSLC7pefFncOLKIe3VPYgRvjVXiXekB-0wI0ByM_Hf
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cfbc30f4b635595409f7046bd42bad97884ed9cd930f50e660eaa8e2e539a7fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44263
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
qzv7AreliVPXyERPa2HFH-isDTItcFl4w20Cji4P9cLqhq1Pm3lBimjbAxVyuaMtgUVX
play-lh.googleusercontent.com/
36 KB
36 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/qzv7AreliVPXyERPa2HFH-isDTItcFl4w20Cji4P9cLqhq1Pm3lBimjbAxVyuaMtgUVX
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c1c76b90838bab1acca4d5989bf7eb8e5f4a1a94aebfa66d8babec734980f1b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36896
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
Nmra7w0VhQCgMnqp4MJwLD4J_FjjhsW8f5C5al8lFQRCDysyHReJaA2ZXbZ3WQgmZg
play-lh.googleusercontent.com/
42 KB
42 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/Nmra7w0VhQCgMnqp4MJwLD4J_FjjhsW8f5C5al8lFQRCDysyHReJaA2ZXbZ3WQgmZg
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a929ab20500c3c6e292367ae1cc266b9f7801c3a7d44e14d16a539e76ae14b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42507
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
GfKtB1f5fbaGjw5jP70RI9fe_IF09wVQ7BftVjdbSKc5AoyuGURDKj7elIfNbqRhoWrl
play-lh.googleusercontent.com/
44 KB
44 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/GfKtB1f5fbaGjw5jP70RI9fe_IF09wVQ7BftVjdbSKc5AoyuGURDKj7elIfNbqRhoWrl
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
debba808a25fd588b8819a515cf52fba0e6e91767ebbfab63b95c485a1d2dd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44585
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
_xtClzEOC5gPleZ7ddS72rJ4PJR840Kc9fv9Z-gHwXxX8kIoZEmYVmC-GKiIqFAqI8w
play-lh.googleusercontent.com/
38 KB
38 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/_xtClzEOC5gPleZ7ddS72rJ4PJR840Kc9fv9Z-gHwXxX8kIoZEmYVmC-GKiIqFAqI8w
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
925fe5e4071be04cb49f2a6b2e27f1566dc51f4a174d7d23fe5a6696ba97a5d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38415
x-xss-protection
0
expires
Tue, 08 Mar 2022 22:25:34 GMT
REYbHeMq5tW5IeR4juznIgFj_9j_BM6E_rsW0qvZ9GYZDtNRmwWfzxRVjRuyrHbV5pw=w16
play-lh.googleusercontent.com/
1 KB
1 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/REYbHeMq5tW5IeR4juznIgFj_9j_BM6E_rsW0qvZ9GYZDtNRmwWfzxRVjRuyrHbV5pw=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
816160d0529fc3afba031b135984c2e9b721bf668e654dedca81a29458d14a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:42:27 GMT
x-content-type-options
nosniff
age
6187
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 07 Mar 2022 23:42:25 GMT
com.cerdillac.hotuneb
nets4.com/android-apps/
15 B
0
Fetch
General
Full URL
https://nets4.com/android-apps/com.cerdillac.hotuneb
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
ts-request-embed-key
a8ae099b-1b8b-4345-932f-8d3cc0607c7c:59c0e8726ce00571ac870ed517cd2c2435a6811660b485e9905f74cd089aa8c4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12YTl8Gn7hRMxwLKeyV1ov9%2B%2B4kdI9eKWKUAcvsGl%2BXNRvL6Sjt3g%2B9n6ICtqDn%2BB1QDJ8PstCREW3CQTCKuzMDkslz%2FxCyWAtl9K16Pzz1%2BP4x3Tnvuy4JEv7HDhG8Mbq1ZTWrr6qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6e86bf6de9d03742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
api.js
www.google.com/recaptcha/
850 B
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7077dc489ef7df1bcc1994a1b6649f391aae70107d5a3f5bc58ea481040a3af5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Mon, 07 Mar 2022 22:25:34 GMT
beacon.min.js
static.cloudflareinsights.com/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6e86bf6e3dcb2373-ZRH
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1242
date
Mon, 07 Mar 2022 22:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 08 Mar 2022 00:04:52 GMT
s.js
nets4.com/cdn-cgi/zaraz/
4 KB
2 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySG90dW5lJTIwQm9keSUyMEVkaXRvciUyMC0lMjBmYWNlJTIwc2xpbSUyMGVuaGFuY2VyJTIwYXBwJTIwLSUyMEFuZHJvaWQlMjBBcHAlMjIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRm5ldHM0LmNvbSUyRmFuZHJvaWQtYXBwcyUyRmNvbS5jZXJkaWxsYWMuaG90dW5lYiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCU3RA==
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0t342PT%2Ft8MSRaa7Z0k%2FrYeTWKLeNdofoHfoRT4ViJJvV9V98IMjhP2kQI36PtsKIu%2FXXVBnnlWIwcbgnDmYc%2BnX39gCLH%2F62DBvzzbplpij3FEjlpzNQURFgeTeXrrjrkDsbQXbGk%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6e86bf6de9e73742-MXP
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yJ3dXQ2fuxn_UK1t9dj5lPsqZ8oa4kVsELSo63x4iLSX41AveuIyr-p8IotqIwISUA=w16
play-lh.googleusercontent.com/
532 B
557 B
Image
General
Full URL
https://play-lh.googleusercontent.com/yJ3dXQ2fuxn_UK1t9dj5lPsqZ8oa4kVsELSo63x4iLSX41AveuIyr-p8IotqIwISUA=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
106315de86cdb04035717c3372b2e155efbfcf3447ae81c67afef473ae0f01e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:24:28 GMT
x-content-type-options
nosniff
age
66
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
532
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 07 Mar 2022 17:30:26 GMT
XBEO3XcVg6JqOAE6ghDyrqmKDEyOAayPJy3_K-ODt2igIwuqN7A_wc4yrsbXfeCV71c=w16
play-lh.googleusercontent.com/
531 B
556 B
Image
General
Full URL
https://play-lh.googleusercontent.com/XBEO3XcVg6JqOAE6ghDyrqmKDEyOAayPJy3_K-ODt2igIwuqN7A_wc4yrsbXfeCV71c=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
20d403d3c9c8abc2f8785f2417f75f9c3259c2f1e678fbaa8c119f0226b617ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:06:28 GMT
x-content-type-options
nosniff
age
8346
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
531
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 05 Mar 2022 19:22:46 GMT
xDh13mMPU9Z0cuPybhWla8k8LsjhgMmDi7XSKKFjyazb0Rohn3EDXNq9blytK-dVfDQw=w16
play-lh.googleusercontent.com/
627 B
652 B
Image
General
Full URL
https://play-lh.googleusercontent.com/xDh13mMPU9Z0cuPybhWla8k8LsjhgMmDi7XSKKFjyazb0Rohn3EDXNq9blytK-dVfDQw=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4f14d9c1dbd92e3fd5f4d293cfa35d01a28e6bdf4019dff2cd73780b38f9d02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:27:28 GMT
x-content-type-options
nosniff
age
3486
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
627
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:14:17 GMT
PCx7DEwPmOOGQXb-2TTG2M0tONImLtxjDzaSOQ6J43glhbPGnjje201hO5fAcMv61g=w16
play-lh.googleusercontent.com/
782 B
807 B
Image
General
Full URL
https://play-lh.googleusercontent.com/PCx7DEwPmOOGQXb-2TTG2M0tONImLtxjDzaSOQ6J43glhbPGnjje201hO5fAcMv61g=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4f15493c497be1fdbaf8ded570fabc3d3dc1a701fcecebf1d49e0e9b65a941a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:27:28 GMT
x-content-type-options
nosniff
age
3486
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
782
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 06 Mar 2022 07:14:17 GMT
FJu0AGRJnr88OhKEeriVkDpqIs6Ufs6wV9_uWEptdfiP_8nAdK50IxxNqbbcFOMwi-Q=w16
play-lh.googleusercontent.com/
728 B
753 B
Image
General
Full URL
https://play-lh.googleusercontent.com/FJu0AGRJnr88OhKEeriVkDpqIs6Ufs6wV9_uWEptdfiP_8nAdK50IxxNqbbcFOMwi-Q=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
86f4f478007f31b934ff17040dab885e747aae312cb6274624ea57041a864b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:42:27 GMT
x-content-type-options
nosniff
age
6187
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 05 Mar 2022 18:15:13 GMT
P26wq5VG1rF8j-lcvE3MGI8P5eTo7SfhHgi72ZaDBKSRvz_eZWCU_dWH-aJuRERhmQ=w16
play-lh.googleusercontent.com/
598 B
623 B
Image
General
Full URL
https://play-lh.googleusercontent.com/P26wq5VG1rF8j-lcvE3MGI8P5eTo7SfhHgi72ZaDBKSRvz_eZWCU_dWH-aJuRERhmQ=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b2281a872cc908ebf5628ca6d87c60c7dd7d02d02d3dd492fa36eb8a220e682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:06:28 GMT
x-content-type-options
nosniff
age
8346
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
598
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 05 Mar 2022 00:11:31 GMT
1gktCzm8KFAdWwl1WEwZv_gEqDauIhW9J6IX6Vv_WEseWRSv8Me4TA7Vg1s1KQ-N3Q=w16
play-lh.googleusercontent.com/
890 B
915 B
Image
General
Full URL
https://play-lh.googleusercontent.com/1gktCzm8KFAdWwl1WEwZv_gEqDauIhW9J6IX6Vv_WEseWRSv8Me4TA7Vg1s1KQ-N3Q=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7a7123a4847fbfd89a3c02772491df0f573645e6b2673f92b2c5c3ee12f87e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:06:28 GMT
x-content-type-options
nosniff
age
8346
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
890
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 04 Mar 2022 05:11:18 GMT
SexFpDFmDWN5M-kCzrxZNKtqQsUwlWS_Y7sjeLwIbe15lVegIA0hZzV-YdsJyfyu2ps=w16
play-lh.googleusercontent.com/
586 B
611 B
Image
General
Full URL
https://play-lh.googleusercontent.com/SexFpDFmDWN5M-kCzrxZNKtqQsUwlWS_Y7sjeLwIbe15lVegIA0hZzV-YdsJyfyu2ps=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f7eee1f54b63fbd3c215fa87a9480dafce27f01934f11745530bdabcbbe9f3c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:06:28 GMT
x-content-type-options
nosniff
age
8346
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 03 Mar 2022 05:23:04 GMT
YE9ft-8OngPdk7_yZnNbM6E8X-zhul19Sf_juKiweQCtmfwJEQt4NjS1XV7RfMwRLV4=w16
play-lh.googleusercontent.com/
726 B
751 B
Image
General
Full URL
https://play-lh.googleusercontent.com/YE9ft-8OngPdk7_yZnNbM6E8X-zhul19Sf_juKiweQCtmfwJEQt4NjS1XV7RfMwRLV4=w16
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
93ac61013e64e3f2f3e6db1fce91080e7b6a5f7120fbb38febb742dc1f1cebf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:06:28 GMT
x-content-type-options
nosniff
age
8346
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
726
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 03 Mar 2022 05:23:04 GMT
init
api.purpleads.io/x/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/init?ts=1646691934401
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
aac6f9b9-5907-4ddd-aaf3-8451aaad5091
init
api.purpleads.io/x/
68 B
358 B
Fetch
General
Full URL
https://api.purpleads.io/x/init?ts=1646691934401
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
a858cc5f-41b1-4501-bf84-60c262657270
sm.22.html
static.addtoany.com/menu/ Frame 63EC
278 B
324 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-type
text/html; charset=utf-8
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
via
e2s
cf-cache-status
HIT
age
1731792
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6e86bf6e8dcb021d-ZRH
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
icons.29.svg.js
static.addtoany.com/menu/svg/
78 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
age
27558763
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6e86bf6e8dcd021d-ZRH
cf-bgj
minify
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=312698068&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fandroid-apps%2Fcom.cerdillac.hotuneb&ul=en-us&de=UTF-8&dt=Hotune%20Body%20Editor%20-%20face%20slim%20enhancer%20app%20-%20Android%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1132281238&gjid=1416331787&cid=1631161480.1646691934&tid=UA-123511935-10&_gid=442767462.1646691934&_r=1&_slc=1&z=1850708057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=47686431-3cb0-46a9-ac44-599428cbac3d&ts=1646691934607
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
cd85d159e61e8bc2bd2bed570dae68af13100c2ca5c32aaa868df218f81736ce

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
etag
W/"241a-YOou8PXjYyfPhX7ll6kFT2b1UsQ"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
31686c9e-9e57-499c-8168-45c5c7820a75
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=47686431-3cb0-46a9-ac44-599428cbac3d&ts=1646691934607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
165f560c-d9d9-4697-9eb8-1020ecd41f8b
550j6zn5gn
www.clarity.ms/tag/
590 B
981 B
Script
General
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1905 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0c3eb540d7c2b59f396a5ca66dd1ed3f9d91ec0ecf2a7e96d79ea5518c5dc738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
x-powered-by
ASP.NET
x-azure-ref
0XoYmYgAAAACY7Zh1wr1XTLG7mZmngDVTQ0FJMzBFREdFMDIxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length
590
expires
-1
clarity.js
f.clarity.ms/s/0.6.32/
53 KB
23 KB
Script
General
Full URL
https://f.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:34 GMT
content-encoding
br
etag
"1d82e1aac2b7990"
last-modified
Wed, 02 Mar 2022 09:48:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&RedC=c.clarity.ms&MXFR=2E7E45E708D6608F00E554870CD66E7E
  • https://c.clarity.ms/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&MUID=26E915873A4B6B93279E04E73B206A17
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&MUID=26E915873A4B6B93279E04E73B206A17
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:34 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2E7E3491D11944859DB5940D6D2EE033 Ref B: FRAEDGE1411 Ref C: 2022-03-07T22:25:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F251A01ED9984D8A85DBFD38D946D0CA&MUID=26E915873A4B6B93279E04E73B206A17
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1128
80 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
39d932a328946033e6a962983607716ea563be7427889764ae2e113482b32920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27756
x-xss-protection
0
server
sffe
etag
"1153 / 512 of 1000 / last-modified: 1646691465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Mar 2022 22:25:35 GMT
pubads_impl_2022030301.js
securepubads.g.doubleclick.net/gpt/ Frame 1128
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 11:35:24 GMT
integrator.js
adservice.google.de/adsid/ Frame 1128
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1128
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1128
52 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=989279916513946&correlator=3906776631326402&eid=31063378%2C31065498%2C44756432&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1646691935246&dlt=1646691935075&idt=149&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=412&ucis=5l0bq3mqy2go&adks=4203880072&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fandroid-apps%2Fcom.cerdillac.hotuneb&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1631161480.1646691934&ga_sid=1646691935&ga_hid=53942986&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b11f7fde51a5e44578240f9678ff4a3250b3279de894d8580cfcfe283be8b92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12309
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1128
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cd114b04d10cd8b3a0b4ced30f9ab8657b2cab29c8bf32bbb22f985c6b0302d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10501
x-xss-protection
0
container.html
d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC48
6 KB
4 KB
Document
General
Full URL
https://d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 22:25:35 GMT
expires
Tue, 07 Mar 2023 22:25:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1128
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4927
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 20:10:15 GMT
expires
Tue, 07 Mar 2023 20:10:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
8120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3EFC
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f89fe58b193dddcd812e23da2dbfec38ed7ac12a53d90d6d75be7d708d53f112
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u9wURZ3ZY1NJmP7rAzzdOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 22:25:35 GMT
date
Mon, 07 Mar 2022 22:25:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-u9wURZ3ZY1NJmP7rAzzdOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
f.clarity.ms/
0
88 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
pagead2.googlesyndication.com/bg/ Frame 4927
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 19:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13775
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 19:04:37 GMT
agent.js
cdn.purpleads.io/
34 KB
10 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-102.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 02:35:08 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
71444
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
10377
x-amz-cf-id
isbt7uvU3SRGvAXpV4lSWsMfUC7nerFpODEvRs3X5ONBJ0LU183-2w==
sodar
pagead2.googlesyndication.com/pagead/ Frame 3EFC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=989279916513946&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

recaptcha__de.js
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 14:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145103
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 14:41:18 GMT
pica.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/
19 KB
7 KB
Other
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e599deeee2c5bb9a08b0df3b9232505726cca5a06fd409fcd080a449b6d22b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZLYrpf6HhESaytJUuSZYlZBdmWT2ftmmcOsJcGiLVHlywuFD3CDI5Sl4iLMxyF5VFMUaLgTDqZhpU%2F%2FVGJ57xg%2BG6z7xyxeYEUgmOBWRqva%2FW8BBviWX%2BhYefQqex6H0GYYS2Vk5ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6e86bf756e783742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6e86bf75ca4ccc46-ZRH
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/
0
77 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6e86bf75ea66cc46-ZRH
vary
Origin
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=8a8b84db-c03b-4149-a9e6-8abec29b8321&ts=1646691935622
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
aa61b44f3a830d06a87258a5719949c75d34505134c4295d195b0b7d05368964

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
etag
W/"236a-YEbDgAH/J7ZQB4mIV2acnbImRVc"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
457d30d3-795b-4ba6-bcde-6c113ff93305
/
api.purpleads.io/x/b/
20 KB
4 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=ad75a1ce-c377-41c0-ba90-0d20a39123a8&ts=1646691935622
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
b5213e1487a972caaa7242e0eb43a1d9cf639079afe170e2899383bdf55e9f79

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
etag
W/"5197-l84YPxiYl2o2gOBGqW+GMZt4Y2E"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
552ede80-2ba8-48bb-8ad1-38f83545e805
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[200,200],[250,250]]&slotid=4e908c39-5720-492b-9375-4383352653e4&ts=1646691935623
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
ac425eb498d51cf0ed33ec01d03daaf177af913cea6a0cd69bcce3bde7a12abe

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
etag
W/"23f5-cN++JahBADgXYWLRhsKHopQuYNk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
aa665ff2-8bac-4f8c-8e87-9690f0c0afc0
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[200,200],[250,250]]&slotid=b4e3d629-6b37-4c48-8974-3a25b14a90d1&ts=1646691935623
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e6f6ef22e62077ea21a2c4049b381ee1bae16d61dcb8192b87ec8c9c96df9565

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
content-encoding
gzip
etag
W/"23f5-ChK7/UeR+8xy8HVRToj+LuHO+Xo"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
7e2e3768-548f-45ce-a843-a16869ed3921
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=8a8b84db-c03b-4149-a9e6-8abec29b8321&ts=1646691935622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
094a5714-39e5-4162-96b9-864aca95b984
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=ad75a1ce-c377-41c0-ba90-0d20a39123a8&ts=1646691935622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
0ec3d1a3-028f-4236-b6fa-8bbdde9f0931
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[200,200],[250,250]]&slotid=4e908c39-5720-492b-9375-4383352653e4&ts=1646691935623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
e3f83757-0ee4-434b-ba45-2bee0579560c
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=0b7eb8722a2943209a0c519c4ddd96c8&sizes=[[200,200],[250,250]]&slotid=b4e3d629-6b37-4c48-8974-3a25b14a90d1&ts=1646691935623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
e589a2cf-92b1-447f-8cae-92ccf3750dc1
anchor
www.google.com/recaptcha/api2/ Frame 7724
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
849d8ee8e40ab995886bb209a6386c7cd5d6b9e2a100f8ab788c212b08b8dbb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-grW6B5huIkjSNTbVkowsyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Mar 2022 22:25:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-grW6B5huIkjSNTbVkowsyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22478
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 9B81
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9B81
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9B81
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9B81
43 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d843ad3a3881e8bb473d29e92bbfc2de1737cd85097bb448aff9a7fb05e544a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14476
x-xss-protection
0
server
sffe
date
Mon, 07 Mar 2022 17:46:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1cef8e0038993477"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 17:46:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9B81
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 9B81
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
css
fonts.googleapis.com/ Frame 9B81
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 21:05:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 22:25:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 22:25:35 GMT
i
api.purpleads.io/x/a/7c3b4b254c4c3a72f78ef27039799420:28e956ad51533f30fd0deee8fdaa4ec5b978626f7734d3e116b77dc4ac8ae799a470b6adf12851f1221b60b2fb4aa5b546448aa942ae4b918ff6b91c198eb8aeecaece73b081b39... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/7c3b4b254c4c3a72f78ef27039799420:28e956ad51533f30fd0deee8fdaa4ec5b978626f7734d3e116b77dc4ac8ae799a470b6adf12851f1221b60b2fb4aa5b546448aa942ae4b918ff6b91c198eb8aeecaece73b081b39e6b2ebaab1423fd593ac001ccea1d065a27641050ea844045689922f03e845b4d0199c8b2230602a0916446e1cbec4ba2ae0784a3555d8da9c59f8aeee26ae81da931d3810dffbfe7/i?id=31686c9e-9e57-499c-8168-45c5c7820a75&ts=1646691935820
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
14614863-f78b-442f-b699-b5e0f6924aba
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B81
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
45837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B81
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
45150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 9B81
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_bx3ZPOZQJ4JjJQhm1bnehGRkRpLQ-shp8wABD4B09WA9K3BXaeNVvb3MgppNnlJjPN3ooOmK67SYglJyZkU_aIhwBA
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 9B81
225 B
249 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 17:01:10 GMT
x-content-type-options
nosniff
server
cafe
age
19465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Tue, 08 Mar 2022 17:01:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9B81
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVqOeX4YmYonQEcnk3wP8wYuwD9DRwfhn9Jbx6YMP6uCIhb4qEAEgudvzJmCVAqABlZu0jgPIAQHgAgCoAwHIAwqqBPMBT9CIu8S4p25ApKuqh7fJonOpD8C5ZiEFxGns3cYQPyg0HoQxy9TGH_9fxUVbISEbDZqIjbQw5ulQeeLsXxSx2hjqrmheXGicReGrR3onK8A9rGjJqDXxMcRLB4hZgVbjIuuwnVlw3Ua6CQiKV0Uadijsb3rn5o5_QvdKhU89W8JotE1xEEuEaVgoPhZgqin4zn7TomlSKTZx2gMB9lnfzhE_EqdbFf0zMTuEETwseA_7Mpk3CsdgfBw2jOZaffrU8SJZhoVkgDiUxCTM6RP7BqT95X7OpnMP-gpD8oxnbadewPuLd6b31LO51z8KRKFSu4ffwAThpo3Z9wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH0-TLcagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJimCdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=VUe0ZUxJBIo&uach_m=[UACH]
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

i
api.purpleads.io/x/a/7c3b4b254c4c3a72f78ef27039799420:28e956ad51533f30fd0deee8fdaa4ec5b978626f7734d3e116b77dc4ac8ae799a470b6adf12851f1221b60b2fb4aa5b546448aa942ae4b918ff6b91c198eb8aeecaece73b081b39...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/7c3b4b254c4c3a72f78ef27039799420:28e956ad51533f30fd0deee8fdaa4ec5b978626f7734d3e116b77dc4ac8ae799a470b6adf12851f1221b60b2fb4aa5b546448aa942ae4b918ff6b91c198eb8aeecaece73b081b39e6b2ebaab1423fd593ac001ccea1d065a27641050ea844045689922f03e845b4d0199c8b2230602a0916446e1cbec4ba2ae0784a3555d8da9c59f8aeee26ae81da931d3810dffbfe7/i?id=31686c9e-9e57-499c-8168-45c5c7820a75&ts=1646691935820
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:35 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
f1a79e73-188d-40b5-b1fa-a5f11e126f57
styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 7724
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 10:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 10:47:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 7724
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 14:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145103
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 14:41:18 GMT
6e86bf657cf13757
nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/
2 B
692 B
XHR
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/6e86bf657cf13757
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/android-apps/com.cerdillac.hotuneb
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e86bf78df663742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgdfPkEgh%2B7MUS7ueqNbXT1NJeOJmpN7gg8FgJUeOBw%2BaF1P8TUWW6%2B0fjusIt5ks%2FwhVCcfFgclnN3GZHPNXLbkjHgG%2BalAZ3jE3Z%2FDS3d%2BGEedKpu4RgAiBWire9RvUxxdMXl%2BnIg%3D"}],"group":"cf-nel","max_age":604800}
truncated
/ Frame 9B81
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2240b924658861da3b49ddf515bbcd134314dfb88bcdbef4bec47b83b3854ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 9B81
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
517079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:47:37 GMT
generate_204
tpc.googlesyndication.com/ Frame 4927
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ijun2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 87E9
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
39d932a328946033e6a962983607716ea563be7427889764ae2e113482b32920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27756
x-xss-protection
0
server
sffe
etag
"1153 / 188 of 1000 / last-modified: 1646691465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Mar 2022 22:25:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7B03
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
39d932a328946033e6a962983607716ea563be7427889764ae2e113482b32920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27756
x-xss-protection
0
server
sffe
etag
"1153 / 602 of 1000 / last-modified: 1646691465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Mar 2022 22:25:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 22A8
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
39d932a328946033e6a962983607716ea563be7427889764ae2e113482b32920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27756
x-xss-protection
0
server
sffe
etag
"1153 / 110 of 1000 / last-modified: 1646691465"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Mar 2022 22:25:36 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7724
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=akzgkl8yc4v9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 07 Mar 2022 22:25:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9B81
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Mon, 07 Mar 2022 22:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ww.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 9B81
46 KB
13 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b12ba011ac71b930c18879e96051d0ed9ba9e1f9e39b5d024345f1180181f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
server
sffe
date
Mon, 07 Mar 2022 12:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3da6b1fed14c46a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 12:12:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B81
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
45838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B81
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
45151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:53:05 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 9B81
225 B
249 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 17:01:10 GMT
x-content-type-options
nosniff
server
cafe
age
19466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Tue, 08 Mar 2022 17:01:10 GMT
eyJpdSI6IjM2YTM4YTQwMDg4ZThiZWM2ZGJhZDU5OGRmMTc2ZjBiN2RkOTZjZmI1NzEyMWY5ODY0YzBlM2MxMDFjZDJiMGIiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 2658
29 KB
29 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2YTM4YTQwMDg4ZThiZWM2ZGJhZDU5OGRmMTc2ZjBiN2RkOTZjZmI1NzEyMWY5ODY0YzBlM2MxMDFjZDJiMGIiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91f6f1ca8b06e55f7da0c1e4a1eb7d6f1e3237b6dcae6a4e0b9e8ebc0ace8636

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
cache-control
max-age=2462400
last-modified
Sun, 20 Feb 2022 14:37:58 GMT
x-traceid
c6fd4f682784badf544be5bd6212d15d
timing-allow-origin
*
content-length
29320
content-type
image/webp
i
api.purpleads.io/x/a/180d0c8825f6253613e564b0a1b05cce:74df1fbef39b33c62f579aee24b8ff1454e2d7995b499b45701cf3ae7dbd5770af4e7d4269c43b216c3dcb1248d2273f4c14d20b27c02f5c2b9818f423ab0c045bc9b285f458537... Frame 2658
0
199 B
Image
General
Full URL
https://api.purpleads.io/x/a/180d0c8825f6253613e564b0a1b05cce:74df1fbef39b33c62f579aee24b8ff1454e2d7995b499b45701cf3ae7dbd5770af4e7d4269c43b216c3dcb1248d2273f4c14d20b27c02f5c2b9818f423ab0c045bc9b285f4585378936727d7a2305294128305ee05db587fe141e2e2343b6926780d3cfe709c5f9bf704e96d6df8bbdd889e188d3f41f7be13481cc64e56f139fafa038cb448fc2ebc8eee401a82d6dc/i?id=552ede80-2ba8-48bb-8ad1-38f83545e805
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Mon, 07 Mar 2022 22:25:36 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
a3d36bfd-eae1-4979-a91e-27c274a55fc0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 2658
4 B
325 B
Image
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=65f2f6e251d13f573abc14a8a2faacfe&pvId=65f2f6e251d13f573abc14a8a2faacfe&sid=8304872&pid=45718&idx=2&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Mar 2022 22:25:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
51a6cc4c1c1bf226f2f097be2c5f1016
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 2658
4 B
325 B
Image
General
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=65f2f6e251d13f573abc14a8a2faacfe&position=0
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Mar 2022 22:25:36 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
a1c2a75ff41b9e93d285757fef88a0ac
Content-Length
4
Expires
0
pubads_impl_2022030301.js
securepubads.g.doubleclick.net/gpt/ Frame 7B03
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 11:35:24 GMT
pubads_impl_2022030301.js
securepubads.g.doubleclick.net/gpt/ Frame 87E9
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 11:35:24 GMT
pubads_impl_2022030301.js
securepubads.g.doubleclick.net/gpt/ Frame 22A8
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 11:35:24 GMT
bframe
www.google.com/recaptcha/api2/ Frame A017
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ac9a43dd76055cc77ec12ea84d4f7360d6ef6e1596674e97e9a5b2ac7977ee5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WoorMUjHTVCYgZNb937xgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Mar 2022 22:25:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-WoorMUjHTVCYgZNb937xgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:36 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
9fdaf043-c958-4435-93d5-ed911653f29f
https://nets4.com/ Frame 9B81
47 KB
0
Other
General
Full URL
blob:https://nets4.com/9fdaf043-c958-4435-93d5-ed911653f29f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fb9443e2de03752863a1d0831e719754f7c9254124e868f539b0e97821fd76f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
47662
Content-Type
text/javascript
styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame A017
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 10:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 10:47:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame A017
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 14:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145103
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 14:41:18 GMT
integrator.js
adservice.google.de/adsid/ Frame 7B03
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7B03
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7B03
58 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1324509033968256&correlator=3897276360300368&eid=31065293%2C31065486%2C31065504%2C31063247&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=200x200%7C250x250&fsapi=false&eri=4&cookie=ID%3D72a457663175831b-2221096657cd0087%3AT%3D1646691935%3AS%3DALNI_MYcrXIukfNjVdxvjMq05ypr4Fp7Yw&abxe=1&dt=1646691936686&dlt=1646691936203&idt=433&biw=1600&bih=1200&isw=200&ish=200&oid=2&adxs=1128&adys=255&ucis=7el8icdkqr7r&adks=2211438825&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fandroid-apps%2Fcom.cerdillac.hotuneb&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=200x198&msz=200x0&fws=256&ohw=0&ea=0&ga_vid=1631161480.1646691934&ga_sid=1646691937&ga_hid=1033647035&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6de6841897d0649ed404e0bdf41b20651b3ff6fdcc4aad36e655f1bb89895705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12955
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7B03
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1c09aefaece137bd3819ae7698de3667926af5e9598892d995aa122bc1b8038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10602
x-xss-protection
0
container.html
253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06C8
6 KB
3 KB
Document
General
Full URL
https://253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 22:25:36 GMT
expires
Tue, 07 Mar 2023 22:25:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 87E9
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 87E9
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 87E9
26 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1903419782497859&correlator=3827774354128113&eid=31065486%2C31065501%2C31063247%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&fsapi=false&eri=4&cookie=ID%3D72a457663175831b-2221096657cd0087%3AT%3D1646691935%3AS%3DALNI_MYcrXIukfNjVdxvjMq05ypr4Fp7Yw&abxe=1&dt=1646691936736&dlt=1646691936194&idt=520&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1532&ucis=efgx8h3xrwek&adks=471609500&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fandroid-apps%2Fcom.cerdillac.hotuneb&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1631161480.1646691934&ga_sid=1646691937&ga_hid=314736337&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6e0aa6149845250466f64e6a5935f86ca82c6be609e462594962a4ce45794e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11659
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 87E9
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd5b43bdec5b6e3f89df984887a411f753b99d4ab0c1d971782927b407ad9867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10379
x-xss-protection
0
container.html
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D18C
6 KB
3 KB
Document
General
Full URL
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 22:25:36 GMT
expires
Tue, 07 Mar 2023 22:25:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 22A8
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 22A8
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 22A8
26 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4060994864913900&correlator=2250371796413535&eid=31065498%2C31063247%2C31065516&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=200x200%7C250x250&fsapi=false&eri=4&cookie=ID%3D72a457663175831b-2221096657cd0087%3AT%3D1646691935%3AS%3DALNI_MYcrXIukfNjVdxvjMq05ypr4Fp7Yw&abxe=1&dt=1646691936754&dlt=1646691936216&idt=531&biw=1600&bih=1200&isw=200&ish=200&oid=2&adxs=1128&adys=1283&ucis=1l5ncp7gfl86&adks=2211438825&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fandroid-apps%2Fcom.cerdillac.hotuneb&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=200x198&msz=200x0&fws=256&ohw=0&ea=0&ga_vid=1631161480.1646691934&ga_sid=1646691937&ga_hid=2017734351&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
193b28a9bb8e9a7298371df1b9c58b2848e7151e23a715634889cf4cd9e835bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11398
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 22A8
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef239b36f33cd340c7bc0536370fd9085707453ea99676118b794e2ea37d2bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10319
x-xss-protection
0
container.html
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7B2
6 KB
3 KB
Document
General
Full URL
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 22:25:36 GMT
expires
Tue, 07 Mar 2023 22:25:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7B03
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 87E9
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 22A8
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1AFB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 20:10:15 GMT
expires
Tue, 07 Mar 2023 20:10:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
8121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 91F8
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c7b5b123af8cc1d59c5200e66acaf90e21088ce3ca6549473570523270451f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-exrGfUzbnRCXXe5XtEB0LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 22:25:36 GMT
date
Mon, 07 Mar 2022 22:25:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-exrGfUzbnRCXXe5XtEB0LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD9E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 20:10:15 GMT
expires
Tue, 07 Mar 2023 20:10:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
8121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0196
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8dc29251382655d59a7279379cc1d5307cd6bde6cb7e75cada7c7ee7ea0f9e9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jiaVds3O3invt1/Hs9V2Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 22:25:36 GMT
date
Mon, 07 Mar 2022 22:25:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-jiaVds3O3invt1/Hs9V2Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B88E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 20:10:15 GMT
expires
Tue, 07 Mar 2023 20:10:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
8121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8F78
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5e096471fa9325ef56feb2c3f0b5a2496b759c09567ac78fc96f966c1a3de78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yrirWoVLM7mRp9cdxNYhQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 22:25:36 GMT
date
Mon, 07 Mar 2022 22:25:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yrirWoVLM7mRp9cdxNYhQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1E8
6 KB
3 KB
Document
General
Full URL
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 22:25:36 GMT
expires
Tue, 07 Mar 2023 22:25:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/9eced39d3c03ebe4dc8b3b930b4ecc4b:f4e4b96b3781bed43ff71628d3110a61b1b1b97b17fd587c30e08f38a9c10c26d63eaf3292023eb1f91deee936b189f75b1e939decf0db9e4f68a65ba483b5cb87f60f836895d79... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/9eced39d3c03ebe4dc8b3b930b4ecc4b:f4e4b96b3781bed43ff71628d3110a61b1b1b97b17fd587c30e08f38a9c10c26d63eaf3292023eb1f91deee936b189f75b1e939decf0db9e4f68a65ba483b5cb87f60f836895d794650272ce8d1b4e40a5d4cb05e5ae5e9840e4afc83a6a643c568853e872c774b55d618cf97704e586d343087453b51b080f5242ea9540849047fdef4ca92f142346507e31ee4275d3d25b9673badeb51db5219580a75645a9/i?id=457d30d3-795b-4ba6-bcde-6c113ff93305&ts=1646691936910
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
6a9d82e1-afd6-46dc-9bb1-4bd966899b6b
i
api.purpleads.io/x/a/9eced39d3c03ebe4dc8b3b930b4ecc4b:f4e4b96b3781bed43ff71628d3110a61b1b1b97b17fd587c30e08f38a9c10c26d63eaf3292023eb1f91deee936b189f75b1e939decf0db9e4f68a65ba483b5cb87f60f836895d79...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/9eced39d3c03ebe4dc8b3b930b4ecc4b:f4e4b96b3781bed43ff71628d3110a61b1b1b97b17fd587c30e08f38a9c10c26d63eaf3292023eb1f91deee936b189f75b1e939decf0db9e4f68a65ba483b5cb87f60f836895d794650272ce8d1b4e40a5d4cb05e5ae5e9840e4afc83a6a643c568853e872c774b55d618cf97704e586d343087453b51b080f5242ea9540849047fdef4ca92f142346507e31ee4275d3d25b9673badeb51db5219580a75645a9/i?id=457d30d3-795b-4ba6-bcde-6c113ff93305&ts=1646691936910
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:37 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
51487669-43f0-42e1-a33d-5ff9f460a818
sodar
pagead2.googlesyndication.com/pagead/ Frame 91F8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1324509033968256&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0196
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1903419782497859&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 8F78
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=4060994864913900&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
pagead2.googlesyndication.com/bg/ Frame 1AFB
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 19:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13775
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 19:04:37 GMT
cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
pagead2.googlesyndication.com/bg/ Frame BD9E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 19:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13775
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 19:04:37 GMT
cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
pagead2.googlesyndication.com/bg/ Frame B88E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 19:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13775
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 19:04:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B1E8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDmVJYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTSAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xVfoCBmXMh00C3cS9gzHyfeaP2ivODqeFIN7N5Ze6NAzssYPkwUu4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=HzUaijHIfrM&uach_m=[UACH]&cid=CAQSOwCNIrLMsmCb8NKuR_DwngYug8eRAtK84OcKISpN8kHXQpTnUr7PN0eYpC_Epj_RLSW0uvUs5EVqX-rjGAE
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

winResponse
prod-rtb.ad4mat.net/ Frame B1E8
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hy7qw1vbpv60bk5srq306rgxjxt4wkgm1b158avyktq2jt9pzwtpp65jfv94vh2rwj8m37np8q6rx4ymjknzaypd2zdb9nyyh8zbh8h7vg93ysa52269xvvv6q5erqwf57fbj5d4mmqced93mp4wf218q1bvjgkk8svcz7v3fpe35h2970yhqp6jvht9k379234gqg847ymbgmpmtj7pkmxxc1jbv2rke0vrnhyzkkt2r5qd7ene3drvg7pqe2fbvx61yr2v27x534qktcnpyjym9ww8r6k1zm5nzngd5xcexvw9v2a0bb1sykt43hh657rf96dhbrt6pbtprtthfb3yh9s3xk59ydmnaxrnq72j72792tffwtpbj47t50es6cpfeh2jnbtevyf0vfpfb448we3a&b=YiaGYAALy_sKiwRZAAIdxi-hLCOe-XWjKbPRig
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Mar 2022 22:25:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A7DD
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f857944ed91d6cfc4a49f641568f8ee0c6f021e9b85406f4fb959b5b2eaa6e41
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e86bf7edf7b3761-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame B1E8
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 21:53:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CCF8
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 07 Mar 2022 05:53:44 GMT
expires
Tue, 08 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
59513
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame B1E8
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 22:07:07 GMT
l
www.google.com/ads/measurement/ Frame B1E8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiVFZnnYrUndAhAJe8vl1empsxcOVuF4wohEPc427fE7MH7R8O0N-iUDy8IblUjRqTROxkWaIRWBNjbIq9qFMCw2uwpA
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B1E8
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 09:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Mar 2023 09:00:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1E8
124 KB
39 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:37 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 862A
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 862A
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 862A
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 862A
43 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d843ad3a3881e8bb473d29e92bbfc2de1737cd85097bb448aff9a7fb05e544a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14476
x-xss-protection
0
server
sffe
date
Mon, 07 Mar 2022 17:46:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1cef8e0038993477"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 17:46:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 862A
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 862A
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Tue, 01 Mar 2022 04:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Mar 2023 04:37:40 GMT
css
fonts.googleapis.com/ Frame 862A
8 KB
891 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2fc1b2d9aba57e8f207c9272af85d95eacbaa7ed664abb4fdcfe3c9fda7c1f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 21:10:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 22:25:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 22:25:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 862A
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
45839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 862A
295 B
321 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
45152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:53:05 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 862A
225 B
251 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 17:01:10 GMT
x-content-type-options
nosniff
server
cafe
age
19467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Tue, 08 Mar 2022 17:01:10 GMT
i
api.purpleads.io/x/a/ec01a2520d6e741555e463ecf6c2f820:7df982b9110bb12e40f165d6958801e375f09131973c62ab2577ba556a39f865bc4066005f809c9aca2f56445999ef8ea5dc8520f17bd51d1ff355ce15adda6a89aebda61775575... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/ec01a2520d6e741555e463ecf6c2f820:7df982b9110bb12e40f165d6958801e375f09131973c62ab2577ba556a39f865bc4066005f809c9aca2f56445999ef8ea5dc8520f17bd51d1ff355ce15adda6a89aebda61775575131fce00c2d83af1f6303eeaeb8bf6cc64b042c0fe990b2e5663f57201661576b79ef542691d4e273fdddc8eb8da06305b5b64d556e7b7d4b9331786bc83de36a8509bfb98fc35b32/i?id=aa665ff2-8bac-4f8c-8e87-9690f0c0afc0&ts=1646691937072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
8ab09212-7ae8-49ad-ba80-88f596cb9ac5
l
www.google.com/ads/measurement/ Frame 862A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfd1XPfIoOS2GMOVH2UJNlxv1dn5moZ8M6tw2vSM5q01IOh5E1uNzN8Dt14YO9FpfPSpV49Gwwt-j6IqSThtRqTlscKA
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 862A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRf69YIYmYrWMLISQrASZobagBM3tgdRnoLO7-sMNoIuumagdEAEgudvzJmCVAqABxZGMlALIAQHgAgCoAwGqBPQBT9AH_ZX7mxIJdg6dNIVDWfQCghyvfLg4I9dzyDBCIv_XnAA0bu3GBN95pv1RFPD2kGYTutlap0m9QU0TMe4J9VjPHgg-smHzZF1rKiQwsSwVIuevP4fAkQsLqJB73OYcwpDdkwktvhkLBT_w-8eRCo-k5NLka-8mcEX4rJjXgXlaw1LWVKlYkwLXSiKsxSWKB-mfHbISF4Rp-JviL0B2Nv2_grGjBagycumXOKkpmQrmBtWC0cqPKa4Obkcy8vEYk97jVprY9CTVMr36o8Uc1XKCgLajtv53jKqpPV1EWMSw-z4jPYE2rNsQQCU8MK6HSBah4MAEmYurwq4D4AQBkgUECAQYAZIFBAgFGASAB6Pu8-sBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjfoC0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAYi7l3&sigh=2O0TBHaqO3Q&uach_m=[UACH]&template_id=5020
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

i
api.purpleads.io/x/a/ec01a2520d6e741555e463ecf6c2f820:7df982b9110bb12e40f165d6958801e375f09131973c62ab2577ba556a39f865bc4066005f809c9aca2f56445999ef8ea5dc8520f17bd51d1ff355ce15adda6a89aebda61775575...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/ec01a2520d6e741555e463ecf6c2f820:7df982b9110bb12e40f165d6958801e375f09131973c62ab2577ba556a39f865bc4066005f809c9aca2f56445999ef8ea5dc8520f17bd51d1ff355ce15adda6a89aebda61775575131fce00c2d83af1f6303eeaeb8bf6cc64b042c0fe990b2e5663f57201661576b79ef542691d4e273fdddc8eb8da06305b5b64d556e7b7d4b9331786bc83de36a8509bfb98fc35b32/i?id=aa665ff2-8bac-4f8c-8e87-9690f0c0afc0&ts=1646691937072
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:37 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
f653b2fb-d91a-4005-b820-d6c5ca2ef780
container.html
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9260
6 KB
3 KB
Document
General
Full URL
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 22:25:36 GMT
expires
Tue, 07 Mar 2023 22:25:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/79566d4e300e893a0a989501afa9d634:ca7d261da79a650dc4bf5db449c4f8c2bf0951feaf4edbdad8cf3ae056e592b58152ae33ff390a593845a36e44e70c1a2033efa0c1df5ffe96fbc15fcecf269dee9dcb14c08b335... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/79566d4e300e893a0a989501afa9d634:ca7d261da79a650dc4bf5db449c4f8c2bf0951feaf4edbdad8cf3ae056e592b58152ae33ff390a593845a36e44e70c1a2033efa0c1df5ffe96fbc15fcecf269dee9dcb14c08b3359dc61014101c76db959a9db8507cb406267a61f2011f3b2c9a4d88ec418c64d545d5566142a99b07e3ad2c65af808e58e1340aa2375c11b41ed9f33d240c832a598e619c4e3a22923/i?id=7e2e3768-548f-45ce-a843-a16869ed3921&ts=1646691937091
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
b7f9fc5a-533b-4772-aa64-5a2875b40e93
i
api.purpleads.io/x/a/79566d4e300e893a0a989501afa9d634:ca7d261da79a650dc4bf5db449c4f8c2bf0951feaf4edbdad8cf3ae056e592b58152ae33ff390a593845a36e44e70c1a2033efa0c1df5ffe96fbc15fcecf269dee9dcb14c08b335...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/79566d4e300e893a0a989501afa9d634:ca7d261da79a650dc4bf5db449c4f8c2bf0951feaf4edbdad8cf3ae056e592b58152ae33ff390a593845a36e44e70c1a2033efa0c1df5ffe96fbc15fcecf269dee9dcb14c08b3359dc61014101c76db959a9db8507cb406267a61f2011f3b2c9a4d88ec418c64d545d5566142a99b07e3ad2c65af808e58e1340aa2375c11b41ed9f33d240c832a598e619c4e3a22923/i?id=7e2e3768-548f-45ce-a843-a16869ed3921&ts=1646691937091
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.13.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-13-37.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 148b38f0f95a731cbf1c8362eda62623:cb9905c126417e4e76044c94bca6111761c74aa38a9bccdbbca25c8b94de4eca9878a9b8fe9f1cfc5ac5e9a141490cb70199107536e1da5cdf88bd8ac50fbb02
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vYW5kcm9pZC1hcHBzL2NvbS5jZXJkaWxsYWMuaG90dW5lYg==
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:37 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
298873c7-1846-4f17-83c4-8231f4d89f04
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1128
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=989279916513946&bg=!9_Sl9LDNAAb7UztL-1M7ACkAdvg8Wmh1MCeuk5YORk2_1V2EzJiEFPTCqcVI-a3AOE2ZMw1lENZHKAIAAAMEUgAAAAJoAQcKAInPVga4VQmU-oFDWsX6JwctAo8dHXroPpqdwbMz2Fr3vWBvofV15Uh6NSVvL_GvX7Ei23VGCAqkr-yOslu07CIpdXY4gtz4cFBSqs8RPF6D-3uJUqRvg0-IJ8QgcptzvR7J_IwVR9HIuhOxdWbuS9rB3YvTWKKk6lBHX-zMPf3lXTEGEeCGZJKYRZkC1tJgnHzHKSGIKYF6e6_VBuvYHu2j8_7NI3s5lIax9IzJbkZtlZH0tnaX3BRccpmcODNqgFAD8Op4MJ8HxS4Wdw2hWrhsM8xxCbQp1Ip2ulj0UAH0JmFha35Dun9U588r_owzQoAuPyrDf8ZMOuHSWD7HGclpU-uC0A3zlr6PuP4oiE61qB4mBAjckkkmuMQqz_eNFNIn8uDeOk9HMjbDLRRSobZzSpclMBxMPInrV-UnbiKfHrJ2BjbQGnMtokkNbjvt8FE-xnOpfO3xAejoptP2jkEYF2vkBcxlgrHDAk19DOaIaTSai42HJ1suK69HTUWESJpU-5CRVkU3234Eg30HlbiNXAPAqiAnBKQXUlQmcEryZAjhxPT-FwbD-lrZ-QbWTg86hGrvYkrOl0gRcvh-J-lSj51yEiC2_QP1Hkhnc5XnTaFv_YqtP3vOyv68yhZ86WYwfbkUMyWtft8kWf6b0BCTLkJkN2qAeA57cmJZQD1uHHWPRG90TSS2GQGEZeWnVtQIAR_8baui5WvNYFa_Q3Plaj4UE5-hZ7kGOU1sLwbVdNLdVqEF9yJrstkdMRBHGBtWxbzjlx7n_v_CyTAB9qIlVcuYm_Z8H0eNazYZ8HMEbdEMQsNoUOrGiVRYXeLC1enGSpauugcNiky5roJpdWxL-NjpIQii4kExn_CJzgLUNeKh16AwNeO88j7bBn_mxl1BL_wIkvILanyTCZLtiNQI62NpD8d8CON-DXXjk0qtRiGQDGzMq97lNwjgF_FQsOne4CQO3HIWLQLlDT8KpZMDSYSP4OPid6sK2Yvj0plXVw-dvG9qkIItjafrxALDbldLBbpEGN787TqyRPBvced0WAvj0smL2KMFFADApcZMb27uX6EB29pUr1PPnyAD9BioRShkOnrxzYh1cuL9WQTakEqQClOBqADhnkEaj-msIDIumZ73Gy3ZnYUD3OhQ6MdjAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 862A
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 862A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ab58a3c6eb8f923c5517718a50ba37fd7c8c8d3a05cba7907c938ad56a78f1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 862A
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
517080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:47:37 GMT
/
google2waycm.netmng.com/cm/ Frame CCF8
0
0

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWlhR1lRQUFCYzZKREM2ZA&google_push=AYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi5r9eVKzLzhCbRQQN0g1wxmB5D2gO4WTeormF9yYf1Oyrr_aQpa8PZdNI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWlhR1lRQUFCYzZKREM2ZA&google_push=AYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi5r9eVKzLzhCbRQQN0g1wxmB5D2gO4WTeormF9yYf1Oyrr_aQpa8PZdNI
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWlhR1lRQUFCYzZKREM2ZA&google_push=AYg5qPJ6HwGt9yfWGDntb_3RaLt5t9MFu9rSAvqgCgi5r9eVKzLzhCbRQQN0g1wxmB5D2gO4WTeormF9yYf1Oyrr_aQpa8PZdNI
Date
Mon, 07 Mar 2022 22:25:37 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWtOUGhxd2YxTnJsTm41&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWtOUGhxd2YxTnJsTm41&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x00xweil19fb_fTgKnPJDKzkLkO8Lavc1PuZzlD1qro7PxgO3JVLzU-
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Mar 2022 22:25:36 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWtOUGhxd2YxTnJsTm41&google_gid=CAESELZokWEILYT3dr8AWIdk3Gk&google_cver=1&google_push=AYg5qPImpRbx6j23X-3PiANK-pSUvO9TrxvN3KKbcXLi4x00xweil19fb_fTgKnPJDKzkLkO8Lavc1PuZzlD1qro7PxgO3JVLzU-
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CCF8
0
172 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENuo_G2gwEmRWXrJ9-LRB38&google_cver=1&google_push=AYg5qPLAlwYGWngEk2mWDU6nvzbdBt2bqSE2rvQ709Al6wLEOzJIrjPmyGMzTmANUr0DNNtlQu0pRhSiliAYxpzyaQxSCIhqFfk
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEBIT9WwHJxbjF45tTDWumg&google_cver=1&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PdL6ITcsSKOgBtTYIT2KxA2&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6bjFInrATcwccn
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PdL6ITcsSKOgBtTYIT2KxA2&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6bjFInrATcwccn
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 07 Mar 2022 22:25:37 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PdL6ITcsSKOgBtTYIT2KxA2&google_push=AYg5qPL5Xnh-VpiaDWiR4C8inErk9fEo5W6jMQXZgxwYvu3mLOBrJZvEoGokMw5jXWQtUN9-L2aeU0VV8MfPPG6bjFInrATcwccn
x-host
tde-deliveryengine-production-6b8798558c-b9l4k
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP1Ii4apFJdNZru-jypdLpI&google_cver=1&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP1Ii4apFJdNZru-jypdLpI&google_cver=1&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZs...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNjk3MTkyMDYxNzc1MzE3NA&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNjk3MTkyMDYxNzc1MzE3NA&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBIfq6vKZfdfkI-cshVtfc
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAwNjk3MTkyMDYxNzc1MzE3NA&google_push=AYg5qPJ7zkqDrZ5XxCeMQlKfxXsnACn3qO371QU-rWc3kWNBsrPCjQKkP2bBvnEkZ1Jd0zliuZsRvRBIfq6vKZfdfkI-cshVtfc
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ21I5vFdpNpkp8l9xHM9U&google_cver=1&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ21I5vFdpNpkp8l9xHM9U&google_cver=1&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02WnVyX2Y1RTJ1SE9yVnhwZzQwWGxjeVVqRWEzMzR0dn5B&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02WnVyX2Y1RTJ1SE9yVnhwZzQwWGxjeVVqRWEzMzR0dn5B&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88wBT9tLwovnO9Wu8aluQ3Qq0mLQTg
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02WnVyX2Y1RTJ1SE9yVnhwZzQwWGxjeVVqRWEzMzR0dn5B&google_push=AYg5qPIaJlFq6UA0UrFLRPHi2SVmOEzQqmHztiW4nHSZHlRgR-V4sq9JQexCU_HJTZ2Kwkqi88wBT9tLwovnO9Wu8aluQ3Qq0mLQTg
date
Mon, 07 Mar 2022 22:25:37 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame CCF8
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNdvSz8CYjKdrFGdpz3IMiY2ze5__svKT9vTjV0_DwLq3pa-sxCUIcDmSJod5KDDSErZDRag
Requested by
Host: ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
URL: https://ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 9260
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKL5VYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIACT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiBgv6uOEl_mmnuZcqlM113mDNw-7HrCMTjlQbw_JOF731K9ZkjGveAEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=8uO-vZU0qxQ&uach_m=[UACH]&cid=CAQSOwCNIrLM7vc49MxQfdwqSD54LIS4H6BTavhGGBE49gl0gNQGyIlkQWGzm72BUXmOsbHE7TGkDimPLH5RGAE
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9260
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKSXErekCcgByAGdg2ICAgAAAMJAFfmDrwiAEGCGJmJ3IZcBL-74aScrjgAS&wp=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
server
Kestrel
server-processing-duration-in-ticks
289181
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame AE26
202 KB
57 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d263596c9ef301d41fd7b571d282f7c84c6730799d94d92c966853b1a5d71fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=T8kD68NSOH8tHYMjzPj5e8U4fslXjt9-xz4Sc2IiggqmzoqsqM9itdhue1p4smmgV-lb9Aetu2Uxy2W2THMEZcLTT-6i4SfaoVQPCkx1SWl9DUqf0ka2OhjpQHOCyrfRVa8pB8mQc8yyHEkBfB-M7dePlrRVh4hoSFMNBMiBhkD-BNEF2XKU46R6XZOHICRKuwIyJ1x3aK0NZX20HYWi9sbu_k6ZolentNHhNe2Mzg5Ov47PZcK7joE5nrs"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
104030896
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 9260
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 21:53:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0D03
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 07 Mar 2022 05:53:44 GMT
expires
Tue, 08 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
59513
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 9260
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 22:07:07 GMT
l
www.google.com/ads/measurement/ Frame 9260
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbxBVXNIkNnzLF93TJqxJ_7txOKC7iZWTyv24UpVjZx9ICDUycUap63a0RVw_AVL_CLZdad9wVQlbfnC_J4HCVUt94Ng
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9260
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 09:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Mar 2023 09:00:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9260
124 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 22:25:37 GMT
truncated
/ Frame B1E8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0330eed2ad5c5dfdd442cbe01920a1eb4dde9d1c18d5477974a9c789083e5d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A7DD
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1058429
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 23 Feb 2022 16:25:08 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e86bf7ff9a20e26-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A7DD
35 KB
13 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41036
x-guploader-uploadid
ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BbHi3eU4eTApWYIShFqciQ%2BWKzArj1T1WICn93ZeojA%2Bcvu7MXPQd1bAi1OObceRz%2Fq5gGbGqBIFwDHYiiw43PX%2B%2F5voHEncvOcayM6WHEJMRSkLf8jWahoohLs6yaOj2yMfr8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6e86bf7fd9b33761-MXP
expires
Mon, 07 Mar 2022 11:01:41 GMT
generate_204
tpc.googlesyndication.com/ Frame BD9E
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?sUKZKA
Requested by
Host: nets4.com
URL: https://nets4.com/android-apps/com.cerdillac.hotuneb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ww.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 862A
46 KB
13 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012202072236000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b12ba011ac71b930c18879e96051d0ed9ba9e1f9e39b5d024345f1180181f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
server
sffe
date
Mon, 07 Mar 2022 12:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3da6b1fed14c46a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 12:12:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 862A
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
45839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 862A
295 B
321 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
45152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 08 Mar 2022 09:53:05 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 862A
225 B
251 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 17:01:10 GMT
x-content-type-options
nosniff
server
cafe
age
19467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14085932017949564970
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Tue, 08 Mar 2022 17:01:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 1AFB
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4XAn7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B88E
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?rgSJcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dpixel
cms.quantserve.com/ Frame 0D03
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOyqSTsJvJjXc1JOkfVX_jg&google_cver=1&google_push=AYg5qPIs12FVmENYTEVn4YpWrbM0338cHyzXfkDzzcARQjtHTg-Q6xzPR_PsEInzLwqiyxgFYAtOGgjcdRcqDJta_XO9iRYnyTU
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D03
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKoSKUaOv7yrESt4MntmIBk&google_cver=1&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMW...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMWHau33cUsX-0hVNdsQ&google_hm=8zCYU50kSl2IdgacbS91DgY
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMWHau33cUsX-0hVNdsQ&google_hm=8zCYU50kSl2IdgacbS91DgY
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCZBDVylpPhpXkcmhlzM_o3vVmfmNxHMxNTnOU0ng3XKXkantMH6iW90QhPnj6TFE550gfirR5mMWHau33cUsX-0hVNdsQ&google_hm=8zCYU50kSl2IdgacbS91DgY
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D03
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENuo_G2gwEmRWXrJ9-LRB38&google_cver=1&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQU...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQUzNnwYXFqR9NtVR&google_hm=hmImhmH9oRGSEJVx1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQUzNnwYXFqR9NtVR&google_hm=hmImhmH9oRGSEJVx1Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62268661FDA11192109571D5BLIS
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI8GkSZoR-FcI5OTANGyspeXoSSJmfzTYHxDcwYUIz9cNP7MC0X7FK9bzsC6Shxbi8mkCHlIVHtZ_hdQUzNnwYXFqR9NtVR&google_hm=hmImhmH9oRGSEJVx1Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62268661FDA11192109571D5BLIS
date
Mon, 07 Mar 2022 22:25:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0D03
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFEW3m5m_r5CrAZ5YJsAbgI&google_cver=1&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_TSrk&google_hm=ODA1MDIwNzUxODk5MTMzMzk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_TSrk&google_hm=ODA1MDIwNzUxODk5MTMzMzk4OQ%3D%3D
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 07 Mar 2022 22:25:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK_qMc8PDV1ZpVik4X7kb2wiUdkHSTuo2M_-XNXL_J4Xriq8l402DW8wfepU8GwlAoZ9qvhzHLKdKzZ8IyPSa8v86_TSrk&google_hm=ODA1MDIwNzUxODk5MTMzMzk4OQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 0D03
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-2cdfe9ef-574a-4522-abf8-81eafa937633-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJwV6mA-h_i7KTilvJ84...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&google_hm=Ayzf6e9XSkUiq_iB6vqTdjM
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&google_hm=Ayzf6e9XSkUiq_iB6vqTdjM
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJwV6mA-h_i7KTilvJ846n92_ti9kUo7nOzz5qZppr-tIu9vDxj4wt-R1CLQJw9OAKFnk4Y2645N7IysQo5e2tlhpt8bPsF&google_hm=Ayzf6e9XSkUiq_iB6vqTdjM
date
Mon, 07 Mar 2022 22:25:37 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2cdfe9ef574a4522abf881eafa937633003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0D03
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKYXNkNk0qdPzm91ClCK9qo&google_cver=1&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg2MzIzNDU2OTI1ODk1MTM4MzIxNw%3D%3D&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg2MzIzNDU2OTI1ODk1MTM4MzIxNw%3D%3D&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg2MzIzNDU2OTI1ODk1MTM4MzIxNw%3D%3D&google_push=AYg5qPKZsaQopWcmS71lC6EPyNklsapZttsd7-nWak0iqEHZK2idd-z6dISfgy47RQTH2-KiR2P0uEna3KRERBHofOqqXGbSH06T
date
Mon, 07 Mar 2022 22:25:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 0D03
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPt3RE5NAeVGsliJ1zo4y3Y&google_cver=1&google_push=AYg5qPLUPbZLuyRJkSC_gOFWGagE1QwLl-NEb5SkA4lwbKZ-Lr9wD5I6iCQMycKi-tkhygaxfLNNRc9i0egUlej5EjfC5Qd_dOJX
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0D03
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgdHwKE_xMG20Qpd78Qjy6WZ_tiHzHDTIs9pfG7lZZ6ETvL0Y755dukw508pQ1XQWYdiN7
Requested by
Host: f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
URL: https://f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 9260
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1123756720604bb1aa624a0ed5fb65b7f9f6ecb27e1766cacf69a8d813843f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
39a5fb9a-0bcc-44cf-b3f8-ec19e45903e8
https://nets4.com/ Frame 862A
47 KB
0
Other
General
Full URL
blob:https://nets4.com/39a5fb9a-0bcc-44cf-b3f8-ec19e45903e8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fb9443e2de03752863a1d0831e719754f7c9254124e868f539b0e97821fd76f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
47662
Content-Type
text/javascript
privacy_small.svg
static.criteo.net/flash/icon/ Frame AE26
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 22:25:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AE26
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 22:25:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AE26
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Mar 2023 22:25:37 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame AE26
507 B
835 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Mar 2023 22:25:37 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame AE26
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ziNEqWml-kndz5FSyDkeGTrnTE8QokEFFNKlCJ5UlMLBNAHrGUWKBEcVgHlrrqxtPxLbfLORrDsu-uMooa9CfmCIrlsr6y79-Oe5uIWvFXf3imGdtITBB7_WhTAdfNls6_hnoSbLNEzb0tCetjf_ZiPri4a0VrWFeP5WpI_JTeNsQ3Rg08x4lh-Ernwmi5qRfa7mA1Joff6VJenZpqS_tDb6KzYPdbUvz4SD5GsK55j1iLrX4Kk5h50x2IKg0xmybDvfrTi0xe7AlRSq_hlD0-XfVbYg8dc8w5QhWPRPyh23CKRoyLz64G3K72w5MzGHCjcc4t3A24smpk5VjWAvQL2AW31vb56OcJYchf-C99O4tCr8mspkIi6UDU3Xndz_uGvtQPX2PZXh1DESo8-UqvIOfDGRj_ykf8LBzZqn8HQJwHuhMpV1Xxa-HoDrnaeqyz40bw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3211465
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A7DD
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 07 Mar 2022 22:25:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23449538
x-guploader-uploadid
ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgjYaL0w8vJgakWEr%2BFxoV%2BNhMO9h5TcF%2FkLDVnvkx7TW4JYJCcsha7Y5pQpDHqRb5CG6qlEXZNhMdAmV02XM1q2NZ7POIZUHg5vxoUfteespyKi7TCrlnP2Ql09w52%2Bn%2BeXKtme43iBItfRCQ7InMsB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6e86bf81abdef927-MXP
expires
Thu, 09 Jun 2022 12:39:07 GMT
frame.html
ad4m.at/ Frame 4F6B
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires
Mon, 07 Mar 2022 23:25:37 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
771509
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33ajPrC%2B29LBuwFRhTvKEhgFGomiUy94bGFzYdXhcGMas6lmuGXwBWTzHCVz5iFck%2F0k3BrlkMZG1ICGH2xj%2BRR5NykoHqFG2mX8%2BBHlSAAN%2BhfgLRrlt1OUz2uyHYlOevoVa8M%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6e86bf818f160e26-MXP
content-encoding
br
animejs.js
static.criteo.net/animejs/ Frame AE26
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 22:25:37 GMT
img
pix.eu.criteo.net/img/ Frame AE26
20 KB
20 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=60&m=0&partner=87447&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F87447%2F211224%2F3ccc5ab91e8347b5b96defaed8d5ca0e_naturtreu-logo-neu-fuer-header_175591c4-1c90-4e89-9c39-5bb9833e2de7_360x-2x.png&v=3&w=396&s=x-lIS205AYRkwCT4hPyX7vNd
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
125d16cab4e45603f156dcaf3cb0328d53b926d0b60bea5d69c998af15174222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30775172
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20180
expires
Mon, 27 Feb 2023 03:05:10 GMT
img
pix.eu.criteo.net/img/ Frame AE26
28 KB
28 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FNaturtreu_Wechselwunder_Yamswurzel-Komplex_vegan_Titelbild.jpg%3Fv%3D1645104643&v=3&w=400&s=royKNnFNVt9Ga9qBWJ6kMiM6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
799cada1d1d8ae72cba81c3b2d192ffa233716a7ae9efa0da4b68c2edef5aeb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30027295
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
28754
expires
Sat, 18 Feb 2023 11:20:33 GMT
img
pix.eu.criteo.net/img/ Frame AE26
20 KB
20 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FTraumhaft_01_1_1.jpg%3Fv%3D1645192357&v=3&w=400&s=_q1hK8o7MQNcgsr6SYY5cSg8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
91fe686d5a678006d7ac6d34fb588ccd350eeb023df8ef14d11d6ec12b9380e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:36 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30200029
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20534
expires
Mon, 20 Feb 2023 11:19:26 GMT
img
pix.eu.criteo.net/img/ Frame AE26
22 KB
22 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FFlammengarde_01_1.jpg%3Fv%3D1645192958&v=3&w=400&s=yotgn3r4Z0OT1SqlWvC4XBC4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ef56f134b679906602abb496159b39087f8901fea7ea9d2ab8a408ab8ff7862f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30200022
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22648
expires
Mon, 20 Feb 2023 11:19:20 GMT
img
pix.eu.criteo.net/img/ Frame AE26
19 KB
20 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FNaturtreu_Heldenkraft_Maca_Tribulus_Cordyceps_Safran_Ginseng_Bockshornklee_Titelbild.jpg%3Fv%3D1644936770&v=3&w=400&s=ctw-NH2jpuB9BoW8U_Alf2n9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
40173682666d36546839854347eb9e5116aab993708b3233c58b8c3bbb6eaafe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29854546
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19846
expires
Thu, 16 Feb 2023 11:21:24 GMT
img
pix.eu.criteo.net/img/ Frame AE26
22 KB
23 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FMockUp-Set_Druesenschild_01_1.jpg%3Fv%3D1641897396&v=3&w=400&s=xmcujgO7a2OyWSyMb6gKrcEP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
25c3fa13fbe0829b70a3791712f170560d1169b7eb8db17d114ef3072940b283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29519619
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23006
expires
Sun, 12 Feb 2023 14:19:16 GMT
img
pix.eu.criteo.net/img/ Frame AE26
27 KB
27 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FNaturtreu_Frauenstaerke_Inositol_Moenchspfeffer_Titelbild.jpg%3Fv%3D1645100981&v=3&w=400&s=pc65TAvu8eYMqq21f7ay2ij4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0fad4b1ca2d203bafc42d58cf9b62ac6ab27288e4af9317aab0d5edae42f3ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30027306
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
27766
expires
Sat, 18 Feb 2023 11:20:43 GMT
all
csm.eu.criteo.net/ Frame AE26
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=T8kD68NSOH8tHYMjzPj5e8U4fslXjt9-xz4Sc2IiggqmzoqsqM9itdhue1p4smmgV-lb9Aetu2Uxy2W2THMEZcLTT-6i4SfaoVQPCkx1SWl9DUqf0ka2OhjpQHOCyrfRVa8pB8mQc8yyHEkBfB-M7dePlrRVh4hoSFMNBMiBhkD-BNEF2XKU46R6XZOHICRKuwIyJ1x3aK0NZX20HYWi9sbu_k6ZolentNHhNe2Mzg5Ov47PZcK7joE5nrs&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Mar 2022 22:25:36 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AE26
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 22:25:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AE26
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiaGYAAMB9UHg4dgAAXt1wvZcrKni3llwsevAA&u=%7Cgpjl91eEz7WUmGJNUdKsWtQaw63l6%2Bu2dkzMGb%2BNrRQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWBeT0mGZn15eQGKOKhXGrGEMELM4HEwHV1dQ3X2fQVvJqytd2nmJfd3x2Wen3QSKh7pOLne-tHUKnjDLMhDkLbY0KzNheLBHpRvfe4mmruu2zGAgmi_kdzdan-vkXh-QMdzt3dAwG24W6ajBmrY3fER9NJpESXvlL92GuA2fDxumOUfD1fykFk-Zp3VoF3y7fO8Hvrel3OZAOItmknbC8ChNTXugHt_hOONolTOC_MqxMD1uMKqpXe_-GMOA41kJmW2OKR-Fcjeqn3WodWs4mC2wEz4jbsfhahOkcHzBHdHqAmLe2S7dj9PO_Dk6Tzxwa7Eyz2YmqFZ6as33X6ox5Vv_mG0JViJZeCjR4ewueJO9Nh87Sspx_LlPFBVDrFU_Q0Zros8PZChfeoKpVFRqCrWIXCPuLYjc0g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKtmYIYmYtWPMOCOjuwP19uXcMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHVttLqA8gBCakCBKyZ_gdCsj7gAgCoAwGqBIMCT9AG01JQ_Wd-aNs6NLlka3HpaW9OhiMKRauT50of2lKnNYoY6X3NaEtYQA8WpC6Y_GlMCoHQ9yd5ctCLvXtbLK4Ih7XfKh7iBVMtB2Id3WEFjZzfem0g4JPo1QDxih6QhuLaaliMXdvZzAh-ozN0i9vhUUSE5I4QgAUsjBDD_6iTlpgmMyG2CrBJl9j1uKllUoo1e3lS1e89UANba9uwaT202GNkIeSJBYbYw8xDN7QDwzr6Pk4lTQ0pjKE2sbMvBFjVJhCKzWCDAjkG-TYwDJJyRIU7KhkoTiAivYocldB6icQFZgqc6vseBcg0WnDsKbpRiYGZ1l5l80o4zMzVAq7Zf-AEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ZDhNjXN9yFaf1NyDTSRuf9Abzcw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 22:25:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B81
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXj3ngpj1yFkkQaIv09X2W60Dab8eYSQkd2VDNX7-oxaqEfJ4sRhWWhWLueHBN9fQaocH1x2rZ4UBNxM7_XpzgHX5tRAwJCPqUSX-OuZEVLlcMArnJuDPGcZrEEy1YFUWzEediUx8si0Kz&sai=AMfl-YSNWCjvTh_gVPX4ywR7lTtdDArpjR1k7w_xIXnzmuqG8yDUPJAO0t75abuiJDMSbYwwctsIf_Hru0TYAPOtN3ZrAVUd9O0gQFk0PwDvMgyDMluM2IEKUW77farj1bg&sig=Cg0ArKJSzP9p-k5SYoEdEAE&id=ampim&o=294,412&d=728,200&ss=1600,1200&bs=1600,1200&mcvt=1038&mtos=0,0,1038,1038,1038&tos=0,0,1038,0,0&tfs=728&tls=1766&g=100&h=100&tt=1766&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4203880072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame A7DD
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fa04cb9b56db7e4333b763eba7ffdd43f3c4d0e1e51bad2c67caf256f7c0c3

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6e86bf83bee50e1e-MXP
date
Mon, 07 Mar 2022 22:25:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2OftirLtqYADihGeRU7qNKQfwFlrDua7zcq357faCoAsui7VKpn6DocIJBVsCYfLsxnMtzWkcI7%2BXqgvZRrVaaSxNer5NHmP4WWlEySNZXSyQpk%2B239id%2Fvz6boxk5DWg07qEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bjhb
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:37 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bjhb
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s000Dz3WPE6dymY9gj3bG2tQWxxAhnBMc64rxfubDhnVTCCWriTT2gzl4y9IdecM11m2kHuQq%2BTDQp83FAbv9diN1Fq0Rhh8TkpQnJKo28fydFc0JT2%2BWa%2BV%2BtnbVtt5Lm2m7Wk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e86bf828bc30e1e-MXP
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87E9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1903419782497859&bg=!bG-lbyvNAAb7UztL-1M7ACkAdvg8WmT3lA_Sm84sdB5ksZkAw0GYmmDYFK9MxyjswazvBYvYh648uQIAAAGLUgAAAAJoAQeZAs0ow602RYv9lbqmTvATn9iSgLJuo7Q7EUWxE-gjD8uXs06utwVh4brxOt7PydTmkKchLDKBD4zSQLX_BQvBcjeu_wq9ZZERvdjfhECq4qtxHAkX0r9ZLWgpx43p0C8Z6_jpbw77E7vRxSw-Ap3uVKrIqwznZnWx5Uu73Uf_3Isw0DV2CM7hw_4jXgbJtWCXTxrZnKnVy4kRX2sfHSCI7XueDsy6YMFYyKIY9TT5YAZcGYCVCLF7Y6eEA3rgcnQrfdHnboC04Gf1GRbAfwwockS0Rhb7DR94BtIAH1u2PfaqZlXc8psnSvDnbLLdAoLOYFz3WCIVPZUgyF2UIqyuBnvuOpuJ6f3wWat7ppWzVakK-UzZapfZARHIjxFGgXoYLoiR-NfygXEam23ZySeTgPPlZq6ImBFlT66AnWbN3cCRe3tgT6O8ylLHkn4vC_cspjBT7wWf2IDL7UQO_4ec3KQAVDhLN75XCSQrAJez5aIVigcHkv_pbTZLSwHb37O5wGEY_mbuFci6NLHySBXihJbAvgwXyptlS3qni9xjJaDGQ0NtcVeScnR5_Qki6mOzF9ABEL9Pg3J0xHxxRN0rU1b4fS3A190eRlmeOIKjIYjNuaObWXvtexsfcV9g7Ft39gMwoJDoAORm7oTd5FzHt_1gX-3X_t-bc0V-o8Q2d55s2Bpnjn-1pUvYUiqntYjZ0YN0w6k0_d54s86DP0OWx3e4npBZXJGrK1V2hMaByYd62efYXQfzKQZ_4vFg4k3Ali9OUAcCqYkaVlwMNAo2kZPzpb0ocy-uTwVaUzgZjpUcJ4PtQXMnWth2LZmuSLmh1u3z17lg7eBdmHVB9vBpDXi_LV6UxoGA_4VRt15twd6d4NTZhHpok2TlhSH83nkF9JDwULnmidIVxfN7RC9vFTjup3hsA_9uz1ybBBAvlFTdUB3IdGrRj_BDElhtwhs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B03
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1324509033968256&bg=!EhGlEVXNAAb7UztL-1M7ACkAdvg8Wi1ed61jYD3_luV9HkJKf583HUOS-BGSop4nVauXD0cH-EcbYwIAAAHgUgAAAAJoAQcKAHQ1r8GMdud1FIQfX7-tUC0Dsg3le7PgDOstEZsmtjgo7vFONEyWciCougne_J8tJXb1wPOxAIKDXQZtlC9Pphixv7ve-8JrRHv3ffzhPthD4Nh-TqsW92u3Gsq0Za3CkWUFr32Ool4btPHcXHs3Va6UbYRFZ5kC3aHx39F_HNksdmfOwRoNbkUBj8ilihnAdewsqxlKFkNCd4-fKtFqbaGW7_RwYrS8dWTVJ8XoOQGuPIjBCZ4mKlU2qawAR9gNdkC6q3e3qecGlbOBC4W7hIjZTkMYU-TCBNf1hMhwX70mZGMwTQqc-FUm7TE5xwV-nSCoUA55E3QaH9bc6H0JCbAlv8qVmxJpAQtFdMjAS_er0ySp5xg6DwOCiuCrVOUbmTVDZN0hEZl6E285IR37XJvMNh69hsZez7z2wYwFpRWJYt8K7qTLiMXeC7QN2mO9FZcXhJ6vr9DV7pLYUKgiilZZWZib8Q6EGIXRcZffLzELusIXVAv43spPli917JTot4Uhrw_doCjLYZkbFDq7gBg66r7svvRNJZRoIJSo7fWDv6isp3j3KoWsVwdcoi4V9qJQI8n3d_7MFGEQ2MY2An8VnEOjnKGjH3U2KXEESqXOoMZWwqhNUWfUXVV_XBQxa3P7MpFyA8-jZkcMMccno1q2yZVtYWhEpt3vg-VRiUKTSZaiLMNof9H0tX-aODr-mlodi9y-G50QRXUEfB38Yl8-q5qb1lnhhf-rXHDMVOsQX0ODpFU0G5pbaP1hhiRK8qwmgt-vHi56vYq6fwoLTB2RmLxgzLR5hOZ3XynVjYztOz1q7cQ3Nlv9rZvp0a-RB_LS2ulCIE6LUyoufmeR92nh3LroY9OzgS12SIZuwrB6MoUyQxWQUHQ0pm5AnYI_VqjW6cHLU6RCfD3wOVt5G47mvDj3dGZyx-GcyDKsbLeGVKbgQGtmKwq4ohZdWggXKpVxl85oU2XdZcwgFMBRMk5CehqlHJlum-AsYC6rpasWcg8UpwvarzDAWqijzY2lT6_i1zRUGsMfT8cIS1UENYTKXdYVtz--0tuVOGqI5d51I0r8YDAIZ6p0ih8Qqdwi1B7NQvuxkLXwRg2jXVbJIGTaYkA1xNSTq1vwt_9FURjOIYjCZQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22A8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=4060994864913900&bg=!6eql6q7NAAb7UztL-1M7ACkAdvg8WsgOk4cAVDlkiTVC5ltMbf4p9s1o4-0pgWoRH5UsbkciEzj4YAIAAAHcUgAAAANoAQcKACR8JDV9uMm_55LYgf6-uas6d86IQxezhueaKjsxsL0Bbfhyh1uZAtU5_ATjSNn1zY_SpSK6ZOLLoFRUWQcqSPqQ-PI9I073ssAWhP8NFAf6RfqCjWatZrHb4fZXZzKZgS1ri7pU1-AVkXPC1d9efbJfxqqP4THhciPjDll07iomVBqv_P_AScXMRcCvBzc73YOWnMyOd-412JilT9hgOHpNUUC-_9RL3ZB2AtJWGDYj0qCXKeJU3mc1ZEgfrKbbVF9cPEA55ip-86rvBwZI0vlGKH05gu32CE2EgVjUekMeiol3Q8b-_oRs2v-grmtDcY3Q5aUo2wUbAabwuBXZ39_LrN9RPn0zC0pF6M5j3Fs8m5SSmpiRa1VeAZRG7aylpA6m7R1-l0PxUMgbwe4S_Q_kWsFMCjJzf-9AJKydDZ03kVwgoqPee3e9ZPtdbTNDrWjTs7ESNhHZonJvfFqVUwdQjgNXo-GCwvxEXFGUQR-_QbJWiYVFP9h0VSUEQuwHGN__0_OA4L0uovesEetNlt63fYdvPm6d8KQjhAIjrINqZ84mo7ARJ5IDFFi_R-879mwdOEWQtlWhonmu9azTtDbw_NksCB3TAGvqD0w0QlHIFBvaSi8wHKj6Mf3zMCcUWJo0MJy8Mni7-NnJsAeJAZienW4YK3ZZngV9otlSf6foj8adZM0uDsr5gcqzHDy1H-ZgqOqWjAxGFYy4fIo6xsN2BUvsgJ7JXqT9vdSOKSSeR754jM8jp5JhbxMDR51qdhMWxlx7qTnnVAyoOpSSPtywveZ4X_8wsmrRYzIY-X-j6rgU_bqWxt3gWpZlShZ0GOi-QbDdijQ1JGfGd93FNZzlVkmwHZTWgD4Hp0eo_Z-c102bmfF5QApq53M5PPGFLclKEM-1-6r4uK00KOLT9mtyY6YBQwafJdOqtgjujyYZlHKbX95j_OqWDBMyM--L5_6MySR-ydcGV8EhRfJIdXNMt_LWAaxahr3sXa3FRfgHY2giLWMBfGwlveOHvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame D310
7 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3b9629758fb8e7957085d1c873ce3cb67e897c3e241cb25f39332b250c75db
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j4rxazjf74z5qnebwyj8q6kq2ba8h1s23rrmj2d1vqbthw6xd9db8w5ba6pnsh6bqk473epd58a1h7205zwmxc2avw0gqtkawjnw2zbdjfnhkgnmk311gzvzey1xemqp9pw5sbenffbzzf0npej5gqyaf6pqcej53pm8gwbfbsaes8sjxvq8yemtcs8kamx0wtqwvsmp4tfkn98ca7zmkbhdsbcnhqapb1wg750x3rjkrqssnvt1qd442wf0brk9erv372zmndnnqjr63brq2p3w0wt2bzfk511rybqbdvj30rk15kyb4x7tfxnprxvd7epvvnfjzy4m1x4jv2jpq6r2mr5sh5tfkmsk14v6ajjeb73v7j2459x5cqezdcgwfctpacrxarsymd83w6x767yb0bfaqqq8h3k3fe7w4tzhgvveh8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%26client%3Dca-pub-5413329544040947%26adurl%3D

Response headers

date
Mon, 07 Mar 2022 22:25:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e86bf8548330e26-MXP
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame D310
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:25:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1058430
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 23 Feb 2022 16:25:08 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6e86bf860a1f0e26-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D310
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248881
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdueOHbTO4carAqaVJBKVqcNoYr9PoOXjZIgE-UrUjaN9U_-nEAoRHq1Y3yS55eHsTYfZldGLrh5zTP1BJIh4yU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdvv3XnT4pDDOYXC3ts5lDDHZcdnHi%2B%2B09%2BYxu6UsqkRhJIxsfxHWOnnYxeznlQigqNrdew0j5vycrDx386ybfx33%2BY46pY2fhvY9Ie5%2FJ80c4YVPveSPKZ2FYMOor9E4gGXga8vcTzrhotV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6e86bf8608503761-MXP
cf-bgj
imgq:85,h2pri
4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
assets.ad4m.at/product_image/ Frame D310
108 KB
108 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=0sGzgQ==, md5=E9fn9wEA2esguxJas7WBIQ==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72581
cf-polished
origFmt=png, origSize=247870
x-guploader-uploadid
ADPycdt90tllMIX83A9fcZPtJv-FP64bZVkFb6YsoBfzeGGb4S67qe3_yByRbvPpKwZmDAPufamB6t5nUWOqUOC2Omc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110084
last-modified
Thu, 15 Jul 2021 15:02:56 GMT
server
cloudflare
etag
"13d7e7f70100d9eb20bb125ab3b58121"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5kY%2FAEVFwxPe2LLBg%2FiPQtux0NkD9GgjeJz3jVoOcVaiZuC5w62KJEP1OLef5I9K6MBLejdCs1b0yci2o%2BEop97eMUMZgyLIaXk3EhuVxfitiyt4QHY6N%2BR1filrCjY8LPKfAPOTciKO%2B%2Fa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1626361376778545
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
247870
accept-ranges
bytes
cf-ray
6e86bf86085b3761-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame D310
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGW...
49 B
2 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 22:25:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703
date
Mon, 07 Mar 2022 22:25:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame D310
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1312036
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtd_qzJJ2j8fLhc4MnJy8Pr9WXO00HsOwNKEMijhkjdKL7lwbsOmTLi6JDxSHzxUMKw-IAs7yuzXaCBOIMf-G4xdCME-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6e%2FHyzhmu6MY1fino2SYtZg08ysRQs6uandLvaE9CQLwPRoJ5YSljK9GBxGAdtJgXQFWZ78YpqZCbIQnD3KsDytF8yjVQeOj54F%2Ffc%2Fcr1%2FiffCb%2F%2Fd0KkWZT2s4Zhz2IpHuR6zUONJ449E"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6e86bf8608603761-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame D310
19 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157202
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdv5pYY4SgLkETMyft68cLyIOaB05HPJ4C1DONmhJoZdjLSzpCyU6tNJVQbYiipbilarEnExN_wYuqk56i812v0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVGvgmRAoQkyeK1q2dqrMymtwmWXX7RiM7SLNP6Afgix%2FIgVz3FFkzKvqsmjC53B0FnfHCoED5u5Gjqyr5dEIICJzotXlp4glZhSOxBfjr4k3YQnmt6o1W7gij%2BG4pbyNEN76pUKHwLR%2BDw0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6e86bf8608623761-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame D310
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030723253865247498515X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew...
49 B
1 KB
Image
General
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030723253865247498515X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 22:25:38 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030723253865247498515X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth
date
Mon, 07 Mar 2022 22:25:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame D310
12 KB
12 KB
Image
General
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75963
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdvyuiuZCgqJ7LEL2VF0UkvSzdt4ehHVTAEUphL6Kgfgyia9pPE7Gcp5xFlSWj9WSiqUR0hYwAe4z0GwB7gQOZw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYr%2BSZcUQC7PAshyuQkCjtURVdSj0fO04Tu4VEhudqlxo6Tn8a1kx6D6E8PyYB8WRLq%2Fc1KwhGZXTwvhZiucPhDdl8AwFS38kkdHmzZX7oV5U5WvNqlXt2J2ZkJICurN6Zi9ZBAMG8R3K1Lt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6e86bf8608633761-MXP
cf-bgj
imgq:85,h2pri
1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame D310
42 KB
42 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=4e5XkA==, md5=IApgItXE/tw7TfHLo2DKwQ==
date
Mon, 07 Mar 2022 22:25:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
161925
cf-polished
origFmt=png, origSize=68898
x-guploader-uploadid
ADPycdu1NuKHawj4mMuyYIe_DrY3-kRICUZ6fz3-lj4gGYqKw2zZWYGAQwqe_U9K2a6Jj2j4_48WGXoIKfBMtiwKD10
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42816
last-modified
Wed, 09 Feb 2022 14:47:59 GMT
server
cloudflare
etag
"200a6022d5c4fedc3b4df1cba360cac1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn07oCFXWbli7FhPPgYaQa%2Fb1rcrfKGr9ZEUpxctxB8zQZ8mfnj3XPx6ND8t4C9s29nCIuJP905iqi8PBl71XjD52m8gxl%2FH%2FLfi97lcqpfAtPR13O2CUNtUlAsFv%2F637n69yx4h27b5bL%2BA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644418079055001
content-type
image/webp
expires
Tue, 08 Mar 2022 22:25:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
68898
accept-ranges
bytes
cf-ray
6e86bf8608663761-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame D310
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gfgzx6h2tb1jr8ntq4myf6ypp7zark73m0wqrr8t2j6bz583e5ey10fx96wh1stg71zw7t6stt0br8fahtqhwtzxyfnqrznfry7ed1a3468p28scpcfpbwbzxk0jyt2dncp8691agmbv7ch30kzf3pz8nn8qg69m20yn1sc0ah762jzztamt01pfrq73m01psq3s1k6vjjvnewk9yq0trcbwqdqq786vwqd8rd3t8a7dt4z976ezmd844bavkfynhpsd0n6ez6s43bawkk0nh25g42ck2n8wsn24prj1k1k8mgb9x2bbny1%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
856a08885439a096d4dd04a1e8831cf7f2263589b0c35b5cc5f117c8d99bb27f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Mar 2022 22:25:38 GMT
Last-Modified
Mon, 07 Mar 2022 22:25:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1470
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 862A
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-_7bTmhINKF1w-7kVcBPD-LNy79y9eNMXYrG5y_3tm20SakyPLX4TuQN2DB3DZ-YBTQ34TepyCg1rtUla6K_FkXiI8FJ1S5KMjr1uWlXnXioP8Rua4Q&sai=AMfl-YR4gOOTcJ2UJ8-oZ2B00tSI3Zn7lyo5bKi-A4yesZS8NYNOug9nG6by3NEKEcFoTIfMyWSfGxA8EPgNbifA0zCJwr7dt46KhNVaxspd4Eu67w78AUuhOLCrp9A&sig=Cg0ArKJSzD2EOmW31dzSEAE&cid=CAASF-Rod33OQrRTABfSUy_JZbfjvqiuRIjB&id=ampim&o=1128,255&d=200,200&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=335&tls=1336&g=100&h=100&tt=1336&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 22:25:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame D310
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gfgzx6h2tb1jr8ntq4myf6ypp7zark73m0wqrr8t2j6bz583e5ey10fx96wh1stg71zw7t6stt0br8fahtqhwtzxyfnqrznfry7ed1a3468p28scpcfpbwbzxk0jyt2dncp8691agmbv7ch30kzf3pz8nn8qg69m20yn1sc0ah762jzztamt01pfrq73m01psq3s1k6vjjvnewk9yq0trcbwqdqq786vwqd8rd3t8a7dt4z976ezmd844bavkfynhpsd0n6ez6s43bawkk0nh25g42ck2n8wsn24prj1k1k8mgb9x2bbny1%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
63162
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 07 Mar 2022 04:52:57 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
rOiCPQluEeNFhRinWxw4f20U_sNFY9Cj00qJcCGS7bPFgvmdGNaOoA==
link.html
track.webgains.com/ Frame D310
5 KB
6 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSkSWt4jKtroneid__asuid4MaX0fWUrDRZRzx8kuU-8ijwYz1Ah0Axasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247651
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C166402%2C43784&b=GK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=VPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=728&d=90&e=VVtEGWew36vnRRgD7SCo1GYGvPjFc8gu&g=40934843bd6f506b93b33db0b5aafd47%2F12590096800495773566&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646691937920&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1t54t5dx7ynty1kvvt7xhh5pq5b7tdjhqr497w8yjgadkxcrzw4p7r0at9rcxzjze0r2sygcwn2jteahpvzm1bzn471vk1xb5ch2mnp4ey7p9g5jd9pp72vh217ng9kjayahzm9z43qqgvvvm4grpj1m24scm2wwv3tqmyd68km0gjnc90stp5h4da6b95wkkpsnthqprknkjm7gb5mvpcqwsfyx6wyqm1ae3mzp3fe73ysqd4mmyvbk46v8jefx7j27g7rtppryx4vxa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxNAPYIYmYvuXL9mIrATGu4igBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6ABwq7o3QPIAQmpAgSsmf4HQrI-4AIAqAMBqgTVAk_QuTB_aowYj1EoGaa9uwwLZc4fSgyeMfYbgE6gf6HqchaCIx6GO2CyzmbKZKVD-cCuN4v5RGu7s8Web4L_7YvND1NvXWcmL0LetnL1qhAJhuNgzWcQPPRT-jtbiEcIBNriEzAk1DbYmUgG5YmcO1M0UdYaVz9LwcPC8VM6Vb3bNXZzAagNE0JgBpynVfLoyPZ1Xfqptv97Hz0LbmJy2UvrQ71inueLo94TTb2k96TLJwt7zLDxALAG0lPUOBjA5U3U5t6nw-_sHDrM9ipiQwCKuGLFihrdFEmrLuwKEm91aQ4jY9CKMS6Oi6BuIbYMH9mibGbsWvznaMT2ewcQ4uGKya7hjR79zSdEzI8ydIk7iTPJ9G8vZkHtk16NdyK_KcQJqqzQBPQc8NM3xRXqKYtAy5p0w_BaYNaOWwWjK2ICMhSGyQO5fgSmfM4fqhPTDEXmzmm04AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1fkSC0t75MGOCUnbPP7Bq64kO8SQ%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Mar 2022 22:25:38 GMT
Last-Modified
Mon, 07 Mar 2022 22:25:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
5257
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 07 Mar 2022 22:25:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 22:25:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame D310
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Mar 2022 22:25:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESED1wNpAoEPYBuXqXNptONUc&google_cver=1&google_push=AYg5qPKlWYxgwXt87GSyNExCfbgnbyndCXuQYRv3-JCqPr9jae4-f84vVcHTqxd5ZJNwmfc2L6DnknvNjJuzZJz7kRnHr5v4WKo

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone object| oncontextlost object| oncontextrestored object| CloudflareApps object| zarazData object| zaraz object| dataLayer function| $ function| jQuery object| Popper object| bootstrap object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| _0x4517 function| _0x585f boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __cfBeacon undefined| color function| clarity function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_161520 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

34 Cookies

Domain/Path Name / Value
.nets4.com/ Name: _ga
Value: GA1.2.1631161480.1646691934
.nets4.com/ Name: _gid
Value: GA1.2.442767462.1646691934
.nets4.com/ Name: _gat
Value: 1
www.clarity.ms/ Name: CLID
Value: 6effe4ebc92248a6b999ef13c68bfd10.20220307.20230307
.c.bing.com/ Name: SRM_B
Value: 26E915873A4B6B93279E04E73B206A17
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 26E915873A4B6B93279E04E73B206A17
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nets4.com/ Name: _clck
Value: 1l9rn7i|1|ezk|0
.nets4.com/ Name: _clsk
Value: 16ofdgm|1646691935833|1|1|f.clarity.ms/collect
.doubleclick.net/ Name: IDE
Value: AHWqTUmNf9H0vj0fcIbHpJ7xX_MpHmNGZco5MKrlaAsAi8IKDXuKOmXyeQVS2CDOXLQ
.nets4.com/ Name: __cf_bm
Value: 1BYOC2bn.oKdeCL1mzsL94MRBqx_2GJPB9iP5EeFE9c-1646691936-0-AbhAga2hK1AJDjT4RJjgl4kd3cToPR7M5ghA9WT9XG+FvN8M2TmSyedTip6JRl/e3UQkM+mmcLb+lSQiujX6xQaNzVVQQ4r//9NNCqRODws8c8Q4jFMvLPssmEkx8usREg==
.doubleclick.net/ Name: DSID
Value: NO_DATA
.nets4.com/ Name: __gads
Value: ID=72a457663175831b:T=1646691935:S=ALNI_MY9iKn4w54Z6fLtey_6tt9EtHoUSQ
.blismedia.com/ Name: b
Value: 62268661FDA11192109571D5BLIS
.w55c.net/ Name: wfivefivec
Value: YkNPhqwf1NrlNn5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%223DD2FA21-372C-48A3-A006-D4D8213D8AC4%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBGGGJmICEIlN0XFWkAezT3Y-Rhj0hDsFEgEBAQHXJ2IwYgAAAAAA_eMAAA&S=AQAAAkPsPbjK9b7mboRD1PNFlco
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~23mm
.adform.net/ Name: uid
Value: 1006971920617753174
.quantserve.com/ Name: d
Value: EHABCQHNJYEA
.quantserve.com/ Name: mc
Value: 62268661-6545e-e0c71-0db6d
.3lift.com/ Name: tluid
Value: 1863234569258951383217
.ctnsnet.com/ Name: cid_f33098539d244a5d8876069c6d2f750e
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2cdfe9ef-574a-4522-abf8-81eafa937633-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2cdfe9ef-574a-4522-abf8-81eafa937633-003%22%7D
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0NjY5MTkzOHZsZWExZGUyMDIyMDMwNzIzMjUzODY1MjQ3NDk4NTEzWDExNzcwM1YxMjI2MTMyNzAyTVNvbmVpZEdLOWhCZllwczZqWkdDS0hlSEd0UHRwcEpIMlRZVEVyVUVvbmVpZF9fYXN1aWRWVnRFR1dldzM2dm5SUmdEN1NDbzFHWUd2UGpGYzhndWFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc3MDM
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022030723253865247498513X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0NjY5MTkzOHZsZWExZGUyMDIyMDMwNzIzMjUzODY1MjQ3NDk4NTEzWDExNzcwM1YxMjI2MTMyNzAyT
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0NjY5MTkzOHZsZWExZGUyMDIyMDMwNzIzMjUzODY1MjQ3NDk4NTE1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFBKNEhCZkViYWJLNzl0OUhqSGJ0TXRQUGdTWlQ5VGtHQ3BvbmVpZF9fYXN1aWRWVnRFR1dldzM2dm5SUmdEN1NDbzFHWUd2UGpGYzhndWFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTM3NTI
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022030723253865247498515X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidVVtEGWew36vnRRgD7SCo1GYGvPjFc8guasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752

8 Console Messages

Source Level URL
Text
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

253303af1edcacb5097d8e1108e7ebb9.safeframe.googlesyndication.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.purpleads.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
ba1599c6bf57b9d7c64a95308c6a0ce6.safeframe.googlesyndication.com
c.bing.com
c.clarity.ms
c1.adform.net
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.purpleads.io
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d65456bf7bb629dd515166c3501a5593.safeframe.googlesyndication.com
eb2.3lift.com
f.clarity.ms
f4403fa31a14852641ec70e43d3f3c93.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
images.outbrainimg.com
img.nets4.com
log.outbrainimg.com
nets4.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pix.eu.criteo.net
pixel.everesttech.net
play-lh.googleusercontent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-de.ad4mat.net
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
google2waycm.netmng.com
108.128.215.255
13.32.99.102
142.250.181.226
142.250.185.194
178.250.0.139
178.250.0.160
178.250.0.162
18.156.0.31
18.66.97.96
185.86.137.107
2.18.232.28
20.84.22.197
213.19.147.44
2600:1901:0:76b9::
2606:4700:10::ac43:2794
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:135e
2606:4700::6810:5f41
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:27::cafe:1905
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a05:d018:d29:3602:a502:c876:1009:7218
2a06:98c1:3121::7
3.122.208.3
34.242.207.34
34.96.105.8
35.186.193.173
35.190.0.66
37.157.2.236
46.236.13.147
46.4.62.19
52.142.114.2
54.144.13.37
64.202.112.191
76.223.111.18
84.200.5.215
88.99.63.132
0330eed2ad5c5dfdd442cbe01920a1eb4dde9d1c18d5477974a9c789083e5d9c
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac9a43dd76055cc77ec12ea84d4f7360d6ef6e1596674e97e9a5b2ac7977ee5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c3eb540d7c2b59f396a5ca66dd1ed3f9d91ec0ecf2a7e96d79ea5518c5dc738
0fad4b1ca2d203bafc42d58cf9b62ac6ab27288e4af9317aab0d5edae42f3ac6
106315de86cdb04035717c3372b2e155efbfcf3447ae81c67afef473ae0f01e8
125d16cab4e45603f156dcaf3cb0328d53b926d0b60bea5d69c998af15174222
14e599deeee2c5bb9a08b0df3b9232505726cca5a06fd409fcd080a449b6d22b
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
193b28a9bb8e9a7298371df1b9c58b2848e7151e23a715634889cf4cd9e835bf
1b2281a872cc908ebf5628ca6d87c60c7dd7d02d02d3dd492fa36eb8a220e682
1c7b5b123af8cc1d59c5200e66acaf90e21088ce3ca6549473570523270451f5
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20d403d3c9c8abc2f8785f2417f75f9c3259c2f1e678fbaa8c119f0226b617ed
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c3fa13fbe0829b70a3791712f170560d1169b7eb8db17d114ef3072940b283
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27b12ba011ac71b930c18879e96051d0ed9ba9e1f9e39b5d024345f1180181f5
2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fa3103806ec53fb0e95a0b28ca8b6ff105212961406e7074f9e67c1dca13dfc
2fc1b2d9aba57e8f207c9272af85d95eacbaa7ed664abb4fdcfe3c9fda7c1f66
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
335d0556c9d2a441e297bcac0e86c653eee34df498ee0d7eaa1e8373e24cc8fd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99
39d932a328946033e6a962983607716ea563be7427889764ae2e113482b32920
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3cba5c4cedc02e0e6d3f4d97493f42936b3a3a21d081f41f21c23390d0efdf4a
40173682666d36546839854347eb9e5116aab993708b3233c58b8c3bbb6eaafe
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4c850bdff99521a7c4a3bb7580427bb9b9d8138d731075a7fe20a8bdff837f9f
4d263596c9ef301d41fd7b571d282f7c84c6730799d94d92c966853b1a5d71fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f14d9c1dbd92e3fd5f4d293cfa35d01a28e6bdf4019dff2cd73780b38f9d02b
4f15493c497be1fdbaf8ded570fabc3d3dc1a701fcecebf1d49e0e9b65a941a6
4fb9443e2de03752863a1d0831e719754f7c9254124e868f539b0e97821fd76f
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60a51a814677c31c3147319e2e35b75011de47e10bb3b95f0f68eae84a63e21c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6de6841897d0649ed404e0bdf41b20651b3ff6fdcc4aad36e655f1bb89895705
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6e0aa6149845250466f64e6a5935f86ca82c6be609e462594962a4ce45794e09
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
70546db1799217a411e1e2fadea9566f2aece60713764de7f0d209cb61107688
7077dc489ef7df1bcc1994a1b6649f391aae70107d5a3f5bc58ea481040a3af5
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
799cada1d1d8ae72cba81c3b2d192ffa233716a7ae9efa0da4b68c2edef5aeb3
7cd114b04d10cd8b3a0b4ced30f9ab8657b2cab29c8bf32bbb22f985c6b0302d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816160d0529fc3afba031b135984c2e9b721bf668e654dedca81a29458d14a1b
849d8ee8e40ab995886bb209a6386c7cd5d6b9e2a100f8ab788c212b08b8dbb0
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
856a08885439a096d4dd04a1e8831cf7f2263589b0c35b5cc5f117c8d99bb27f
86f4f478007f31b934ff17040dab885e747aae312cb6274624ea57041a864b50
89fa04cb9b56db7e4333b763eba7ffdd43f3c4d0e1e51bad2c67caf256f7c0c3
8ab58a3c6eb8f923c5517718a50ba37fd7c8c8d3a05cba7907c938ad56a78f1b
8dc29251382655d59a7279379cc1d5307cd6bde6cb7e75cada7c7ee7ea0f9e9a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
912fa3094520c8407511db6ba89d2896806103a3d91119b6a187d6aaf91b84ee
91f6f1ca8b06e55f7da0c1e4a1eb7d6f1e3237b6dcae6a4e0b9e8ebc0ace8636
91fe686d5a678006d7ac6d34fb588ccd350eeb023df8ef14d11d6ec12b9380e0
925fe5e4071be04cb49f2a6b2e27f1566dc51f4a174d7d23fe5a6696ba97a5d5
93ac61013e64e3f2f3e6db1fce91080e7b6a5f7120fbb38febb742dc1f1cebf0
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
9807c538d698108558848a943325879604a59e979f0c3caa8288a96cd3571e3b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3b9629758fb8e7957085d1c873ce3cb67e897c3e241cb25f39332b250c75db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1123756720604bb1aa624a0ed5fb65b7f9f6ecb27e1766cacf69a8d813843f3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c09aefaece137bd3819ae7698de3667926af5e9598892d995aa122bc1b8038
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e096471fa9325ef56feb2c3f0b5a2496b759c09567ac78fc96f966c1a3de78
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a929ab20500c3c6e292367ae1cc266b9f7801c3a7d44e14d16a539e76ae14b90
aa61b44f3a830d06a87258a5719949c75d34505134c4295d195b0b7d05368964
ac425eb498d51cf0ed33ec01d03daaf177af913cea6a0cd69bcce3bde7a12abe
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b11f7fde51a5e44578240f9678ff4a3250b3279de894d8580cfcfe283be8b92e
b5213e1487a972caaa7242e0eb43a1d9cf639079afe170e2899383bdf55e9f79
c1c76b90838bab1acca4d5989bf7eb8e5f4a1a94aebfa66d8babec734980f1b9
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd5b43bdec5b6e3f89df984887a411f753b99d4ab0c1d971782927b407ad9867
cd85d159e61e8bc2bd2bed570dae68af13100c2ca5c32aaa868df218f81736ce
cfbc30f4b635595409f7046bd42bad97884ed9cd930f50e660eaa8e2e539a7fc
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23
d843ad3a3881e8bb473d29e92bbfc2de1737cd85097bb448aff9a7fb05e544a8
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
dc10cce0320e806c67f9a94abc89385de32c8fd7621c6bedb8ce6c0ef05441eb
dd2c2fb93a45009898d99e3644cbaf3a0825ae726d30c5c0669d721bfafcaa5e
debba808a25fd588b8819a515cf52fba0e6e91767ebbfab63b95c485a1d2dd06
e2240b924658861da3b49ddf515bbcd134314dfb88bcdbef4bec47b83b3854ea
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f6ef22e62077ea21a2c4049b381ee1bae16d61dcb8192b87ec8c9c96df9565
e7a7123a4847fbfd89a3c02772491df0f573645e6b2673f92b2c5c3ee12f87e4
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef239b36f33cd340c7bc0536370fd9085707453ea99676118b794e2ea37d2bc8
ef56f134b679906602abb496159b39087f8901fea7ea9d2ab8a408ab8ff7862f
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7eee1f54b63fbd3c215fa87a9480dafce27f01934f11745530bdabcbbe9f3c5
f857944ed91d6cfc4a49f641568f8ee0c6f021e9b85406f4fb959b5b2eaa6e41
f89fe58b193dddcd812e23da2dbfec38ed7ac12a53d90d6d75be7d708d53f112
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e