kroxam.com Open in urlscan Pro
162.144.33.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kroxam.com/
Effective URL:
https://kroxam.com/
Submission: On December 02 via manual (December 2nd 2023, 6:35:22 pm UTC) from US — Scanned from DE

Summary HTTP 217 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 26 domains to perform 217 HTTP transactions. The main IP is 162.144.33.60, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is kroxam.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 24th 2023. Valid for: 3 months.

This is the only time kroxam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 61	162.144.33.60 162.144.33.60	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
13	35.190.68.40 35.190.68.40	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3 15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 33	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 14	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:6047:ce6a:6df1:a9de	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
2 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.192.232.229 18.192.232.229	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
217	31

61 162.144.33.60 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.kroxam.com

kroxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.190.68.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.68.190.35.bc.googleusercontent.com

weatherology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.weatherology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6047:ce6a:6df1:a9de (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.232.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-232-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	kroxam.com 1 redirects kroxam.com	3 MB
49	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	742 KB
32	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	246 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	315 KB
13	weatherology.com weatherology.com — Cisco Umbrella Rank: 144182 api.weatherology.com — Cisco Umbrella Rank: 246610	385 KB
9	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	35 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	382 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	248 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	1 KB
3	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	66 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	578 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	451 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	775 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	926 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	174 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
217	26

	Domain	Requested by
61	kroxam.com	1 redirects kroxam.com
33	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	kroxam.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
14	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
12	weatherology.com	kroxam.com ajax.googleapis.com
8	www.google.com	2 redirects kroxam.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	kroxam.com googleads.g.doubleclick.net ajax.googleapis.com
6	www.googleadservices.com	kroxam.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google-analytics.com	kroxam.com www.google-analytics.com
4	www.googletagmanager.com	kroxam.com www.googletagmanager.com
3	sync-tm.everesttech.net	3 redirects
3	unpkg.com	ajax.googleapis.com weatherology.com
3	www.google.de	kroxam.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	sync.teads.tv	1 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	onetag-sys.com	2 redirects
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	r.turn.com
2	ad.turn.com	2 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	api.weatherology.com	ajax.googleapis.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	ajax.googleapis.com	weatherology.com
1	region1.analytics.google.com	www.googletagmanager.com
217	38

This site contains no links.

Subject Issuer	Validity	Valid
kroxam.com cPanel, Inc. Certification Authority	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.weatherology.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-05` - `2024-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://kroxam.com/
Frame ID: C6A7CB66545E5C5D9CC3EC580D3DF162
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 32858FC42588A455FBE46C80B39BA229
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178
Frame ID: 46CE00F9ACD31C9E731F8A31F74690AE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=1009386844&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116049&bpp=1&bdt=1367&idt=184&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=186
Frame ID: 228088D9F82D7F0E00E6EDA81BE73E2D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=600&slotname=8705626737&adk=2674453018&adf=1385442336&pi=t.ma~as.8705626737&w=231&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=231x600&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116376&bpp=2&bdt=1694&idt=2&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=3&fsb=1&dtd=6
Frame ID: 26DAB2F642CAE2CA95B8DEED75DB48A9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 101826DF02FAA73A45086CD0D33518D4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23944BA2A1A2915CD392083F560183A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C85D228860FF4AE7520D96DF08BD5C90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 70815282F1E2A16B72F99C23A5530070
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: F36D142614E3C2A5F215A2900440867C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&adk=1812271804&adf=3025194257&lmt=1701540546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fkroxam.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542117237&bpp=1&bdt=2555&idt=1&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ac43fde44820acc%3AT%3D1701542116%3ART%3D1701542116%3AS%3DALNI_MbD_J4maR4_4Dcsx40put1g2iXwNQ&gpic=UID%3D00000ce25c203c00%3AT%3D1701542116%3ART%3D1701542116%3AS%3DALNI_MbyS-XPcfcTez6z7BMZn_YnJsAiag&prev_fmts=789x280%2C789x280%2C231x600&nras=1&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGsm3m7Th9XSuWCxXpf2OX5_8A9r9OvavtEdv20-by76btIoM-UhHLJGpvOI5IM1z1VKHpXnWk7LW-XjcwLUAe3UnLw%2CAOrYGsmI4xK2q4iRn7VyDg-vQ82gn_kguNJOCLycwEidINETHMEjlXmIuMKKqryH-_6zq0MSrWdbJr3mk1w3PImL1ni2QpuM%2CAOrYGsnB64Sjm6YIUUWJR6J9GGSgUdnTVX6UXNL_RDFrz8Z4vE5uX5OB-yJW1JMnGpaNDFcPcjzbMoaKNthSxXeLUKYNRiW6&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=13
Frame ID: 472E553DB9E048448A42B99B57B6B704
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 600FEC722D6D05CCD7E15419DBAA6D43
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B2DC00AB3A8C1225E7A778A8AC64A499
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 88FD3C98AD453E64983802E8F88E937A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7CD87B9F314EDAA5272F701D240CA8F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22F31BC91FADDA9313EDF428A1CD2C8E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6757DA1DA1B54F8FE78F01B9401A99C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A921642A26E64EBDE9E08FCBD8C4442
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: EF1D64013EF6489C74711A062995DD63
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB045E5DB08A1EF63DA9F5E3A48773CF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 9BAD00EB3F1F6A5E28C9D8BEF19A7313
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 726356453C43591F9CA2B4AFE1E51B05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 8E284318DAD3B343719DCAF45AA4975D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kroxam.com/ HTTP 301
https://kroxam.com/ Page URL

Page Statistics

217
Requests

92 %
HTTPS

62 %
IPv6

26
Domains

38
Subdomains

31
IPs

8
Countries

5053 kB
Transfer

10572 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kroxam.com/ HTTP 301
https://kroxam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
https://tpc.googlesyndication.com/simgad/3995853839924061625

Request Chain 119

https://googleads.g.doubleclick.net/pagead/adview?ai=C2lmB5HhrZZDuF8Sh8wOL7bmQBfXx-qVywYK2spkSg-zz_QgQASCsoNgmYJWCgICYB6AB--TfmAPIAQKpAocWcjmKQrI-qAMByAPJhICABKoEgAJP0Mjpo1ULB6e7AiJbYQD6CnlQJEkTf1HNEKzFBiJxVJ-BD0GVQ5mNzWDk3QB7UUnUdlIQfYZ2Y3n9XjjUTqla00KmX0CygEWTpIA9YVIaNwxzAIfpnb7-AUfeH749toYEA1iPne1sAR9XlNKSzY4n6gO4lSRXYV2P6U3PWGjZpy6Y8s_VCUk5pQFwWIt3aqcHuLaC7sKn1SCg-LqIOWgUKtqw3JKqWh8uZCljLU-QfXmvXb4aHbcbIzgKTcc6sjk7vi4UeBpmsiwOogPIO6PRa_hlCwxTw61W60JWZmIQPgeoFz9-rEt0lrfSwqX1Yu0xECkTMCLPmH6nK6aKqsmMwASs7Zu2oASIBdDrieE5kgUECAQYAZIFBAgFGASgBgKAB-2aoGeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDevBDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOKwo6uy8YIDmgnrAWh0dHBzOi8vd3d3LmVucGFsLmRlL2FydGlrZWwyL21laHItYWxzLWRhcy1zb2xsdGVuLXNvbGFyYW5sYWdlbi1pbi0yMDIzLW5pY2h0LWtvc3Rlbj91dG1fc291cmNlPUdvb2dsZSUyMERpc3BsYXkmdXRtX2NhbXBhaWduPTE1NTA0NDA1OTY4JnV0bV90ZXJtPTE0NjE0MjU5MDYzNiZ1dG1fY29udGVudD02NzQ0ODQ4OTA1OTMmdXRtX3BsYWNlbWVudD1rcm94YW0uY29tJnV0bV9kZXZpY2U9YyZkZXZpY2Vtb2RlbD2ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM4MTk0MDc1ODc5NDMyMDEYAA&sigh=8C2vkFaupyo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7xWsd0vUK0RG8-F0EF__mKgw0GdL9wIlla2Wm9zG0OjV8S2AsZA217T3s3cyLfPgNx_rvXSSSNDwncevc4fS7nmDvEI8tcCpllUYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223770390029294047003%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222836576015216974593%22}&andc=true

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://googleads.g.doubleclick.net/pagead/adview?ai=ChJ0z5HhrZePxINSUpt8P5ZqAIMqOr8p0lq-phfcRv-EeEAEgrKDYJmCVgoCAmAegAYbvq5UCyAECqAMByAPJBKoE-AFP0LYP9dxhYKNzNFCWPpMy2pLNgQ3MMRoCHRs0VJ2Ce2pV1jGJ3V13hIr6WFemA5OwCnnKeQm2s5vQ3mF25WlM_cvFrq5oAZEnHxRsljJFEe_v8bIosFruKHiHMIp7n3P1fOp3X-b7GPIPbaJmVeKBFfFVfU2NsUWx2-XSOOWDVgKSfKRXPRjUY-pPD1MiCRnIcDUYLOTVmkYb3-tzkl021JctLKaZcwcVvWPylwkc73VqgATKBO5uyU7HEkB_mCufOxZi4fYGPVzvGfKZwqiOGRytkDB9ibOBqKWZsxFkULgI8By0jeigM5gwt38dG-ui6liLyZ32bMAEiNOV18kEiAWh8OuATZIFBAgEGAGSBQQIBRgEoAYCgAfikNTqAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMCqBNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY_resq7LxggOaCdABaHR0cHM6Ly93d3cuY290b3Nlbi5jb20vYWN0aXZpdHkvaG90LXNhbGUtNjgxMS8_dHNwdT1TUDIzMTExMVlOTUMsU1AyMzA5MTNVQlkzLFNQMjIwODI2M0M0TixTUDIxMDkzMEJFNkMsU1AyMzExMDI2VFNPLFNQMjMxMTAzUzlWNyxTUDIyMTIxM09BS1YsU1AyMzExMTdLUUVELFNQMjMxMDExU0ZVNCxTUDIzMDcyMEtMSFAsU1AyMzExMDNQSjUyLFNQMjMwOTIxUFdJTIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzgxOTQwNzU4Nzk0MzIwMRgA&sigh=zj56i9tn6IQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNoIFqqdXKFUEI7OV1c-ZQBoJn5YpUhxYlCfB6h0VBtk_WHTEiCcPj16hXM92ebYYtbU513kuJAkjyUDRuzWI21B5iTmiZmRDMZ5sYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211936113010983118240%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210138804710421581297%22}&andc=true

Request Chain 126

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Twb5HhrZcrMF-2qpt8PoaWe-A-Ri8y7dM2zpOOlEcq6jPG-ARABIKyg2CZglYKAgJgHoAGhwJjxKMgBCagDAcgDywSqBP4BT9BdjNpn25ACjYMvu8-zbD4Bw62ck2KgcQgTnxbrumpDmXHaaTxFyQ3gh7jGMqg7I3CGknmidsoskvXHq5ptuBq5tqmU6apyrgXm5fuGgheQE3-NZigxYzGtCGEwzVBudPJQ5O7Jj-1WnSzOMr-8ljIJQyEqZjMPv-3HE_8kDftL_US3W9ATapX8tNVK0R-_u6QdX33OrFn7mfJtfoEnJ6MZNNgyju2JaEDlH8j_IqKqbI8hsbTIln9tXsyXIRk5t9HNo4ka7L0id_hMdtuX7vqlnKi7FbOHlAKVbcjhJHgyvZKydeQBRzKMSz3s0G_O-4sijJzz0IWx7koQe3vABM-NsoeuBIgFj6jMl0uSBQQIBBgBkgUECAUYBKAGLoAHnfykowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ78Yf0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljVgaOrsvGCA5oJgAJodHRwczovL3d3dy50ZW11LmNvbS9kZS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTc2fmRlfkVVUiZnb29kc19pZD02MDEwOTk1MTI2OTUzMzQmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMjQzMjQ4LTEmdG9waWNfY2xhc3NpZnk9MTIxgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMzgxOTQwNzU4Nzk0MzIwMRgA&sigh=I_oMpPJMiDo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN-a2P0ZQeryW77htZJ9YIPbomWkqB5ui9AeaVVFSsa_Jm--1mSAICwTfTK_wlsCNiBRW6DMAm_yPZzr3WGgW6W3FRdY_4r1oh4WUYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227748631263976172756%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228267677843727598145%22}&andc=true

Request Chain 189

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1&google_push=AXcoOmTax_KWWqYDhZOYZw-uPqHnd2-uPEnVtDI0LDOYfcsrhgNC2X2BYZyNhXnO7cC3IOxX-Pw9NBhGOW0_MLg-Cy9A-84pSZoivrs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM0MTAyNzY0NzcyMDY2ODM0MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1

Request Chain 191

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 192

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_cver=1&google_push=AXcoOmRLvD46-qYGKK9C2nvw4DAAD_onnxrNDVSuSfVu6uu1RBY2MRMoNVaxalejphjoX1Mgd1Y3CaFLFGxNhvq-R0HWY54HlAuWtHz- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmRLvD46-qYGKK9C2nvw4DAAD_onnxrNDVSuSfVu6uu1RBY2MRMoNVaxalejphjoX1Mgd1Y3CaFLFGxNhvq-R0HWY54HlAuWtHz-

Request Chain 193

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBO2OEat8HsOIkpsk_TYi4Q&google_cver=1&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJJY18Wb7v1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJJY18Wb7v1&google_hm=eS1GYlk3M0xaRTJwR3MweVZ6bWtEdGtmd2RXS21zVE1KU35B

Request Chain 194

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAqjvuf2X8KUkIyCfVVgL9s&google_cver=1&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZOy-NwwaLB4nlLqD5XcQ8Rs8oB HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAqjvuf2X8KUkIyCfVVgL9s&google_cver=1&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZOy-NwwaLB4nlLqD5XcQ8Rs8oB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgwNjM1NzgzMzM5NDUyNDQ3MA&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZOy-NwwaLB4nlLqD5XcQ8Rs8oB

Request Chain 195

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDCh4NHV12NKCB63VTFAzHA&google_cver=1&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84YWb_gqs9ZNS8jQLMjZ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84YWb_gqs9ZNS8jQLMjZ0

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_cver=1&google_push=AXcoOmQiiFj0MHDuaeip1YTzM9ntFopDHNpkc5Ot0PZpDGg8cR00uRidQ1Ux3M7kpn3nbw0RPKTNLafPbpaHDPdHDy4ZITmjefEHlJM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmQiiFj0MHDuaeip1YTzM9ntFopDHNpkc5Ot0PZpDGg8cR00uRidQ1Ux3M7kpn3nbw0RPKTNLafPbpaHDPdHDy4ZITmjefEHlJM

Request Chain 202

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBO2OEat8HsOIkpsk_TYi4Q&google_cver=1&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6IcpAygIt_GU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6IcpAygIt_GU&google_hm=eS1oci5qZG9oRTJwRTkxa3JHN2FJWGNpNUlnQVh6Zk5jVX5B

Request Chain 206

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1&google_push=AXcoOmSEBNagJw7ZOY4L1a9E5xWDw5T6dV4a4WvjhcRrkZ3L97wfc4_DYpFlYnnamceG8GDSiQoeJKVXGhSMmtKGBU0ITRoGhb8Fr8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQxMzA4NTI0MTc1ODU5NjI3Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1

Request Chain 207

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 208

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_cver=1&google_push=AXcoOmTcF_Pe4pwwe8cxGt9FjlzR8xoJgVQUh3S6O03vWMbIvn9ln5rKiDkaSthq_5HuWSmnHMgxdeBnuFy3z3fW1nqO9bpjMLo12s4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmTcF_Pe4pwwe8cxGt9FjlzR8xoJgVQUh3S6O03vWMbIvn9ln5rKiDkaSthq_5HuWSmnHMgxdeBnuFy3z3fW1nqO9bpjMLo12s4

Request Chain 211

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDCh4NHV12NKCB63VTFAzHA&google_cver=1&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5VZ1iUmOLVQwooY89cck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5VZ1iUmOLVQwooY89cck

Request Chain 212

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIBjxXqt45jzHNNgdSl9F-U&google_cver=1&google_push=AXcoOmTkJ7-w-gGj0g5pYtXpK3pN2tjp_IaIinP7uvq66CcDORZSFKBNnJDuAPWfHmOGndHh0TOoxBsUb3W2ubIanvcL2gVuYMokz3x4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTkJ7-w-gGj0g5pYtXpK3pN2tjp_IaIinP7uvq66CcDORZSFKBNnJDuAPWfHmOGndHh0TOoxBsUb3W2ubIanvcL2gVuYMokz3x4 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

217 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kroxam.com/
Redirect Chain

http://kroxam.com/
https://kroxam.com/

337 KB
69 KB

647ms
293ms

Document
text/html

162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 3925be10d7d8717b83b2ae08b702d0b0492b9cef951846bed7b7ef3910c8b6af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 18:35:14 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 02 Dec 2023 18:09:06 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: User-Agent
WPO-Cache-Status: cached

Redirect headers

Cache-Control: max-age=3600
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 18:35:12 GMT
Expires: Sat, 02 Dec 2023 19:35:13 GMT
Keep-Alive: timeout=5, max=100
Location: https://kroxam.com/
Server: Apache
Transfer-Encoding: chunked
Vary: User-Agent
X-Redirect-By: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EQZY1YJ3F3

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b547ee7ca44f508bf0c06351f1e4ff84bd05ff1f0b2f7dab720180d778cbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 18:35:14 GMT

GET
H/1.1 200
OK embed-public.min.css
kroxam.com/wp-content/plugins/embed-any-document/css/ 1 KB
742 B 517ms
172ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.4
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: f050fd052a21620c83566dfabadd8a606f18df450216a15e0bd2501d9fd1e70e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 15:23:45 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 443

GET
H/1.1 200
OK apsa-front-styles.css
kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/ 7 KB
2 KB 520ms
173ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/apsa-front-styles.css?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: a339245fccc68b9dece15a32325ecbbfa0fb176f1f1bda51d3146225d1021d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 20:02:04 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1715

GET
H/1.1 200
OK apsa-animate.min.css
kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/ 52 KB
4 KB 525ms
177ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/apsa-animate.min.css?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 20:02:04 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3954

GET
H/1.1 200
OK apsa-child-front-styles.css
kroxam.com/wp-content/plugins/aparg-smartad/main/view/front/ 3 KB
1 KB 524ms
175ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/aparg-smartad/main/view/front/apsa-child-front-styles.css?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 852d6a236b8808349300754ea6a759c43f04bb6ae705446018cd9f4f8f027ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 20:02:04 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 885

GET
H/1.1 200
OK plyr.css
kroxam.com/wp-content/plugins/easy-video-player/lib/ 34 KB
5 KB 527ms
176ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/easy-video-player/lib/plyr.css?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 50102005e933a1c93fd7b82b700723a4a03cd66bea9f3d62a6902814ba954275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 15:23:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5279

GET
H/1.1 200
OK style.css
kroxam.com/wp-content/plugins/td-composer/td-multi-purpose/ 38 KB
5 KB 529ms
177ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=3833ae26cf1f9d406448012ce1734aa1
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 67e17eded48efd41da15c98b87275c8c4ef6a641859c4f253f0409219bdcad13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:23 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4926

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans%3A400%2C700%2C800%7COpen+Sans%3A400%2C600%2C700%2C800%7CRoboto%3A400%2C500%2C700%2C800&display=swap&ver=12.6.2

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57b38ca017f55598afab3b5fbd02d2c979da1de26d97c74d442e258d155d59ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:35:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:14 GMT

GET
H/1.1 200
OK js_composer.min.css
kroxam.com/wp-content/plugins/js_composer/assets/css/ 454 KB
44 KB 699ms
182ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: f49e16149fd134ecdfc927cebab7226960180071da626926c60d03600d169db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 20:41:57 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 44689

GET
H/1.1 200
OK style.css
kroxam.com/wp-content/themes/Newspaper/ 153 KB
26 KB 700ms
181ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/themes/Newspaper/style.css?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 643644074548b8cfa54ce86be98172b662777d31ce9b38ad9d0241fc12647efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2023 21:23:24 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25989

GET
H/1.1 200
OK td_legacy_main.css
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 166 KB
25 KB 706ms
182ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=3833ae26cf1f9d406448012ce1734aa1
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: b987f0a1d971940fef7f260fb73d242b3d561183e3945fc2a378dad94cf55abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:23 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25206

GET
H/1.1 200
OK td_standard_pack_main.css
kroxam.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 717 KB
62 KB 719ms
195ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9c79b36358200da4c4662c5aa9454675
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 792180698e17019192621dfb6615fb58b7b158c5bcb9c8e08ee92d51bea79791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:07:10 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 62876

GET
H/1.1 200
OK demo_style.css
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/business/ 12 KB
2 KB 735ms
208ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/business/demo_style.css?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 253817d06ade2c59d38e5b4e34017d4e3d00b27f2b3466ef33f9942501fb2b46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:23 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2018

GET
H/1.1 200
OK tdb_main.css
kroxam.com/wp-content/plugins/td-cloud-library/assets/css/ 47 KB
7 KB 709ms
181ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=34c58173fa732974ccb0ca4df5ede162
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:34 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7310

GET
H/1.1 200
OK frontend-gtag.min.js Show response
kroxam.com/wp-content/plugins/google-analytics-premium/assets/js/ 11 KB
3 KB 887ms
177ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.22.0
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 22:39:05 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3245

GET
H/1.1 200
OK jquery.min.js Show response
kroxam.com/wp-includes/js/jquery/ 87 KB
30 KB 901ms
180ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 17:58:56 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30908

GET
H/1.1 200
OK jquery-migrate.min.js Show response
kroxam.com/wp-includes/js/jquery/ 11 KB
4 KB 913ms
177ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 17:58:59 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4169

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
kroxam.com/wp-includes/js/ 18 KB
5 KB 179ms
177ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 17:59:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 5009

POST
H2 204 collect
region1.analytics.google.com/g/ 0
241 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EQZY1YJ3F3&gtm=45je3bt0v9130996632&_p=1701542114702&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&cid=205295297.1701542115&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701542114&sct=1&seg=0&dl=https%3A%2F%2Fkroxam.com%2F&dt=KROX%20-%20The%20Voice%20Of%20The%20Valley%20-%20Your%20Award%20Winning%20Source%20For%20Sports%2C%20News%20%26%20Weather%20in%20the%20Crookston%20Area&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2550
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQZY1YJ3F3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EQZY1YJ3F3&cid=205295297.1701542115&gtm=45je3bt0v9130996632&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQZY1YJ3F3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 57ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EQZY1YJ3F3&cid=205295297.1701542115&gtm=45je3bt0v9130996632&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1210663729

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK apsa-front-scripts.js Show response
kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/ 37 KB
11 KB 879ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/aparg-smartad/framework/view/front/apsa-front-scripts.js?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: f198fe4db6ec41b8ef2e653b159fe54e5cd5fa66bc91fad56ceb306d46ff9dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:33:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10717

GET
H/1.1 200
OK apsa-child-front.js Show response
kroxam.com/wp-content/plugins/aparg-smartad/main/view/front/ 14 KB
7 KB 887ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/aparg-smartad/main/view/front/apsa-child-front.js?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 5da6e215c2c4cf0268a6b1565f396e2258c14b325e975d7a1d12f95d6f10f280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:33:24 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6352

GET
H/1.1 200
OK plyr.js Show response
kroxam.com/wp-content/plugins/easy-video-player/lib/ 116 KB
37 KB 899ms
181ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/easy-video-player/lib/plyr.js?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: fcc8e147f90109d380cced0d61c2edd431787f7a0edaf174c4107972255100fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2023 23:23:50 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 37240

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
43 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=TAG_ID

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9b277d0cea26500af3ade0b7752ffa4efe6c73a7c587e95fa481effdcecce11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44110
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 18:35:15 GMT

GET
H/1.1 200
OK krox_header_logo-450px.png
kroxam.com/staging//wp-content/uploads/2017/09/ 19 KB
19 KB 176ms
176ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/staging//wp-content/uploads/2017/09/krox_header_logo-450px.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 12e0666f7437668fa84a7d72769d5d09094d9f433526643f9f018936b8de5158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Last-Modified: Thu, 30 Nov 2023 21:19:54 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19456

GET
H/1.1 200
OK KROX-logo.jpg
kroxam.com/staging/wp-content/uploads/2020/03/ 5 KB
6 KB 176ms
176ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/staging/wp-content/uploads/2020/03/KROX-logo.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 90ecf36be1d43c5bee26ce7977f2ddaa5d2e9b1ed732c034eeecf8c1e87e5f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Last-Modified: Thu, 30 Nov 2023 21:40:41 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5379

GET
H/1.1 200
OK bulletinboard-300x235.png
kroxam.com/wp-content/uploads/2021/05/ 18 KB
18 KB 176ms
176ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2021/05/bulletinboard-300x235.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: ed4984390c58748993be5915c45df2c9d9c9cf9cf23655f19dd7385dfc416620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Last-Modified: Wed, 10 May 2023 20:18:28 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 18363

GET
H/1.1 200
OK polk-county-government--100x70.jpg
kroxam.com/wp-content/uploads/2023/08/ 3 KB
3 KB 687ms
179ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/08/polk-county-government--100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: c16cce59c91052b3fb58ca67a540e9b0493e7a42528c219f704a29b30904372d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Tue, 22 Aug 2023 19:41:18 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2789

GET
H/1.1 200
OK bulletinboard-100x70.png
kroxam.com/wp-content/uploads/2021/05/ 10 KB
10 KB 673ms
185ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2021/05/bulletinboard-100x70.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 9e0e37301726882418294833d0d84cd1c17225245143beca05137be5e768bf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Wed, 10 May 2023 20:18:28 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 10005

GET
H/1.1 200
OK ww7-e1701396084289-100x70.jpg
kroxam.com/wp-content/uploads/2023/11/ 2 KB
2 KB 507ms
176ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/11/ww7-e1701396084289-100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 06e2cbee1cd23b3253759d2b851beb965321e1f887d36a1f187234db8b357292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Fri, 01 Dec 2023 02:01:24 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2295

GET
H/1.1 200
OK bell-thumb-100x70.jpg
kroxam.com/wp-content/uploads/2023/11/ 4 KB
4 KB 506ms
187ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/11/bell-thumb-100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 8897076fcc8e88cb8f31cb3ea4ba947e6ef31943bcf616e8104e9ab2c4346fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 30 Nov 2023 17:49:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3826

GET
H/1.1 200
OK Crookston-vs-CPCR-324x235.jpg
kroxam.com/wp-content/uploads/2023/12/ 20 KB
20 KB 177ms
177ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/12/Crookston-vs-CPCR-324x235.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 1a36e3a78e2133e4c0679ab1ed0b3ab7f006deec44f1c58295851ae05fb20643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:15 GMT
Last-Modified: Fri, 01 Dec 2023 19:33:38 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 20379

GET
H/1.1 200
OK Reed-Hanson-100x70.jpg
kroxam.com/wp-content/uploads/2023/12/ 3 KB
4 KB 659ms
173ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/12/Reed-Hanson-100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: a92a874d1b2c84f16bb18b05ee65743012367ae055d2781ba7730baaf0139465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Sat, 02 Dec 2023 05:25:49 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3435

GET
H/1.1 200
OK IMG_4508-100x70.jpg
kroxam.com/wp-content/uploads/2023/12/ 3 KB
4 KB 850ms
190ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/12/IMG_4508-100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 0ad866383c29d43b62ce761d2030d4ff9ee918f4e5cdddad7d4682bb694ef042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Sat, 02 Dec 2023 04:23:40 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3444

GET
H/1.1 200
OK Isabelle-Smith-Resize-100x70.jpg
kroxam.com/wp-content/uploads/2023/12/ 3 KB
3 KB 175ms
175ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/12/Isabelle-Smith-Resize-100x70.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 093073011c40e1db0aecc3eeb1488b2bc70f594c84caa968656cadef984bde72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Last-Modified: Sat, 02 Dec 2023 03:17:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 3253

GET
H/1.1 200
OK image0-e1701466242390-100x70.jpeg
kroxam.com/wp-content/uploads/2023/12/ 4 KB
4 KB 189ms
189ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/12/image0-e1701466242390-100x70.jpeg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 96d7a3448aff4d56ef386f6c3e5799140d5660bbe5d63aeb861b2f1ba8e57bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Last-Modified: Fri, 01 Dec 2023 21:30:42 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 3844

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 85ms
62ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b39e538580e6e84e8233a168f3411450cefa67ab1ab9638412fd05e7b89fdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51663
x-xss-protection: 0
server: cafe
etag: 16655311069975420439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:15 GMT

GET
H2 200 homepage-wx-alt.js Show response
weatherology.com/v2/widgets/js/ 63 KB
9 KB 432ms
127ms Script
application/javascript 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherology.com/v2/widgets/js/homepage-wx-alt.js
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 9e157711292fc9569811cbbe08ce66ce678f2fee31bf323f4f8fb4f5edc5d00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:16 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 27 Sep 2023 15:16:13 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "fa32-60658ac028940-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8956
expires: Mon, 01 Jan 2024 18:35:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26461317-8

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4044790b8dfbcef4ac93778837154a084e8df9043833894e7480f013a2c86ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64920
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 18:35:15 GMT

GET
H/1.1 200
OK style.css
kroxam.com/css/ 1 KB
780 B 181ms
177ms Stylesheet
text/css 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/css/style.css
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 3ccd89c00227b7d92d8171927b8a8c53834f4e1625ee6f99a7fdef81b2656feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 20:01:35 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 482

GET
H/1.1 200
OK pdfobject.min.js Show response
kroxam.com/wp-content/plugins/embed-any-document/js/ 14 KB
7 KB 179ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.4
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 8aefab739d201f6ebc8ae31e19b3dd9bd4db1ca80862c8f6225db61f6bf180e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2023 21:21:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6889

GET
H/1.1 200
OK embed-public.min.js Show response
kroxam.com/wp-content/plugins/embed-any-document/js/ 11 KB
6 KB 177ms
173ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.4
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 119349fa393e6ed3de0643fbcb1b60b75a2533af3c029c201b6f7fef36b9656a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2023 21:20:04 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5715

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 156 KB
39 KB 181ms
178ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 0477db11333c3293fcd98deeac5e86584e51b6e9256e3bedd50edea1cf347a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 39320

GET
H/1.1 200
OK tdPostImages.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
952 B 176ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 640

GET
H/1.1 200
OK tdSocialSharing.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 3 KB
1 KB 432ms
180ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 956

GET
H/1.1 200
OK tdModalPostImages.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 9 KB
2 KB 177ms
177ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1438

GET
H/1.1 200
OK comment-reply.min.js Show response
kroxam.com/wp-includes/js/ 3 KB
2 KB 175ms
175ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 17:58:19 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1351

GET
H/1.1 200
OK js_files_for_front.min.js Show response
kroxam.com/wp-content/plugins/td-cloud-library/assets/js/ 29 KB
6 KB 175ms
175ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=34c58173fa732974ccb0ca4df5ede162
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:34 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6267

GET
H/1.1 200
OK js_composer_front.min.js Show response
kroxam.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 174ms
174ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 54b8fb01c4634d81f4fe444f85a62627091a432ace0664f3022b57b0625ed796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Nov 2023 20:55:59 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5780

GET
H/1.1 200
OK tdLoadingBox.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 3 KB
1017 B 177ms
177ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: a51003115e6640ac72b7a1c6525250bd66ff3cb60f207168c9aef0369c484098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 705

GET
H/1.1 200
OK tdDatei18n.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
1 KB 175ms
175ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdDatei18n.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 801b3a26f4f89ae50c0501d3d1a6064dbf9ebc4660ba75e8de40f15bfc0b6f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 992

GET
H/1.1 200
OK tdAjaxSearch.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 6 KB
2 KB 173ms
173ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1494

GET
H/1.1 200
OK tdLogin.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 13 KB
3 KB 176ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLogin.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 336a25d31d729ad4223f664f1c0e4f82778979cb5ca97edd303d40241d6b272c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2748

GET
H/1.1 200
OK tdMenu.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 4 KB
2 KB 177ms
172ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdMenu.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1312

GET
H/1.1 200
OK tdInfiniteLoader.js Show response
kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
979 B 179ms
176ms Script
application/javascript 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: f2be0d99588fd30f81f9d519e27422142ecb0af1d4ed5bc7e81d4eb32fe99978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 18:04:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 667

GET
H/1.1 200
OK monsterinsights-badge-light.svg
kroxam.com/wp-content/plugins/google-analytics-premium/assets/images/ 13 KB
4 KB 177ms
177ms Image
image/svg+xml 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/plugins/google-analytics-premium/assets/images/monsterinsights-badge-light.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: d07ff671faf8f28c8859f1bead7fd35a55c69b7bab545ed7de56b7f44c3aaaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 22:39:05 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4026

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 17:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2737
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Dec 2023 19:49:38 GMT

GET
H/1.1 200
OK 60degree_gray_@2X.png
kroxam.com/staging//wp-content/uploads/2017/09/ 1 KB
1 KB 318ms
176ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/staging//wp-content/uploads/2017/09/60degree_gray_@2X.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: ec1da03c057b040456db269c5d72a405fa53ffe556182f54e46611d720547175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 30 Nov 2023 21:19:54 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1060

GET
H/1.1 200
OK sportstile.png
kroxam.com/staging//wp-content/uploads/2017/08/ 9 KB
10 KB 315ms
172ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/staging//wp-content/uploads/2017/08/sportstile.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: f88c4ed11e85ec5348ac5bad09288733c73963b652d56621e784b53c4faaf8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 30 Nov 2023 21:19:53 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9620

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK RiverViewClinic_WellnessVisit_KROX4-14-23.gif
kroxam.com/wp-content/uploads/2023/05/ 477 KB
477 KB 327ms
176ms Image
image/gif 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/05/RiverViewClinic_WellnessVisit_KROX4-14-23.gif
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 53c83e6bf2168230c77453c313b56d4ce737b239c313443feba8eaeb4b33f2db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 18 May 2023 03:49:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 488172

GET
H/1.1 200
OK AndyOman_headerbanner.jpg
kroxam.com/wp-content/uploads/2018/08/ 29 KB
29 KB 330ms
176ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2018/08/AndyOman_headerbanner.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 9a39fe1165cd2dd5735eec751e6950229961812c23b5e5a98e30ccf86f1ac1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Wed, 10 May 2023 20:03:07 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 29436

GET
H/1.1 200
OK Video-stream-logo-e1689887570120.jpg
kroxam.com/wp-content/uploads/2021/01/ 11 KB
11 KB 487ms
172ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2021/01/Video-stream-logo-e1689887570120.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: c5e88c16be6045f46a1df3ae8f8e38ca10778910e491b77e9d3aaa354010bebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 20 Jul 2023 21:12:50 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11066

GET
H/1.1 200
OK inewztv_logo-e1689887652625.jpg
kroxam.com/wp-content/uploads/2019/01/ 6 KB
7 KB 485ms
173ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2019/01/inewztv_logo-e1689887652625.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 13e8162655ecee0f0bda191003d5d7532898884887b9e209c054f9a85d531ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 20 Jul 2023 21:14:12 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 6459

GET
H/1.1 200
OK 300x600_Your-hometown-healthcare-team_Crookston-1.jpg
kroxam.com/wp-content/uploads/2023/09/ 144 KB
144 KB 317ms
175ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2023/09/300x600_Your-hometown-healthcare-team_Crookston-1.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: d34230d51585e0d7a7500c2adcd1425caf9edf24c32c61e1c2f1608276e482d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Tue, 05 Sep 2023 19:47:57 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 147352

GET
H/1.1 200
OK dee_logo_color-e1651808332605.jpg
kroxam.com/wp-content/uploads/2022/05/ 576 KB
576 KB 684ms
176ms Image
image/jpeg 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/wp-content/uploads/2022/05/dee_logo_color-e1651808332605.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 4de33c9ee97874e1d4556ff9b7d1cf10ab5059bdaefae8e1d668e2af342882e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Wed, 10 May 2023 20:29:17 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 589547

GET
H/1.1 200
OK newspaper.woff
kroxam.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 329ms
173ms Font
font/x-woff 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://kroxam.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by: Host: kroxam.com
URL: https://kroxam.com/wp-content/themes/Newspaper/style.css?ver=12.6.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23

Request headers

Referer: https://kroxam.com/wp-content/themes/Newspaper/style.css?ver=12.6.2
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Thu, 09 Nov 2023 21:23:22 GMT
Server: Apache
Vary: User-Agent
Content-Type: font/x-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 33904

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 41ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans%3A400%2C700%2C800%7COpen+Sans%3A400%2C600%2C700%2C800%7CRoboto%3A400%2C500%2C700%2C800&display=swap&ver=12.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:53:46 GMT
x-content-type-options: nosniff
age: 135689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38268
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 04:53:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 43ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 17886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:19:38 GMT
x-content-type-options: nosniff
age: 36937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:19:38 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 101147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 14:29:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 33ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 93354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:24:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Dec 2023 19:24:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1142258978&t=pageview&_s=1&dl=https%3A%2F%2Fkroxam.com%2F&ul=en-us&de=UTF-8&dt=KROX%20-%20The%20Voice%20Of%20The%20Valley%20-%20Your%20Award%20Winning%20Source%20For%20Sports%2C%20News%20%26%20Weather%20in%20the%20Crookston%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUIhAAAAACAAI~&jid=840261829&gjid=75494622&cid=205295297.1701542115&tid=UA-26461317-1&_gid=898429221.1701542116&_slc=1&z=151778715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26461317-1&cid=205295297.1701542115&jid=840261829&gjid=75494622&_gid=898429221.1701542116&_u=aCDAgUIhAAAAAGAAI~&z=936545539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 56ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26461317-1&cid=205295297.1701542115&jid=840261829&_u=aCDAgUIhAAAAAGAAI~&z=1156509422

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26461317-1&cid=205295297.1701542115&jid=840261829&_u=aCDAgUIhAAAAAGAAI~&z=1156509422

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 398 KB
135 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3819407587943201&plah=kroxam.com&bust=31079861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b48cb1fa81fc7da96a7ff4f0129ea30ae7f799c06a51c0b1e2dd1df25ad8b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137521
x-xss-protection: 0
server: cafe
etag: 18238315836267708531
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:16 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 3285 9 KB
4 KB 30ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Fri, 15 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46CE 144 KB
44 KB 762ms
762ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3819407587943201&plah=kroxam.com&bust=31079861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

780a16112b4894caa63097620ac5b85f0be612e18c62f0d00c02c323d3bfdffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:16 GMT
expires: Sat, 02 Dec 2023 18:35:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2280 118 KB
41 KB 683ms
683ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=1009386844&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116049&bpp=1&bdt=1367&idt=184&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=186

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af1b1ad98ad2b941bf4695d2f17684a93bbf46bb530b571ba275a8253519a20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42231
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:16 GMT
expires: Sat, 02 Dec 2023 18:35:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 85 KB
30 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: weatherology.com
URL: https://weatherology.com/v2/widgets/js/homepage-wx-alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30433
x-xss-protection: 0
last-modified: Wed, 17 May 2023 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 20:14:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26DA 118 KB
41 KB 613ms
612ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=600&slotname=8705626737&adk=2674453018&adf=1385442336&pi=t.ma~as.8705626737&w=231&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=231x600&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116376&bpp=2&bdt=1694&idt=2&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=3&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5e093f09b13349cb865180c09a4e8c97125442aacef672c05c42908a55f3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:16 GMT
expires: Sat, 02 Dec 2023 18:35:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
63 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26461317-8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQZY1YJ3F3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa14c860be44dc6d26b3d21fd3cce04435b4c972626654a0d651e6e9c5d9be03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64923
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 18:35:16 GMT

GET
H/1.1 200
OK header_bg_03.png
kroxam.com//wp-content/uploads/2017/09/ 99 KB
99 KB 435ms
175ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com//wp-content/uploads/2017/09/header_bg_03.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 11e13c18164c5eea44deeeba445e793504bffa1bc221464e6c163b64a114d17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:16 GMT
Last-Modified: Wed, 10 May 2023 20:02:57 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 101467

GET
H/1.1 200
OK footer_bg.png
kroxam.com/staging//wp-content/uploads/2017/07/ 686 KB
686 KB 172ms
172ms Image
image/png 162.144.33.60
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kroxam.com/staging//wp-content/uploads/2017/07/footer_bg.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.144.33.60 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.kroxam.com
Software: Apache /
Resource Hash: 89b7ef155312a6e5c22a285fe0683b791e6bd6bb6e564e582881fa808ae6b68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:35:17 GMT
Last-Modified: Thu, 30 Nov 2023 21:19:50 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 702519

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1142258978&t=pageview&_s=1&dl=https%3A%2F%2Fkroxam.com%2F&ul=en-us&de=UTF-8&dt=KROX%20-%20The%20Voice%20Of%20The%20Valley%20-%20Your%20Award%20Winning%20Source%20For%20Sports%2C%20News%20%26%20Weather%20in%20the%20Crookston%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAAGAAI~&jid=150200245&gjid=652027702&cid=205295297.1701542115&tid=UA-26461317-8&_gid=898429221.1701542116&_r=1&gtm=457e3bt0&did=dZGIzZG&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZGIzZG&jsscut=1&z=1894103278

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26461317-8&cid=205295297.1701542115&jid=150200245&gjid=652027702&_gid=898429221.1701542116&_u=aCDAAUIhAAAAAGAAI~&z=2019910060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kroxam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26461317-8&cid=205295297.1701542115&jid=150200245&_u=aCDAAUIhAAAAAGAAI~&z=2116237120

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26461317-8&cid=205295297.1701542115&jid=150200245&_u=aCDAAUIhAAAAAGAAI~&z=2116237120

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6331408022268599824
tpc.googlesyndication.com/simgad/ Frame 2280 19 KB
20 KB 52ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6331408022268599824?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk4x7C0RB4f7gh5FxJMFQ-Pv86ieA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=1009386844&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116049&bpp=1&bdt=1367&idt=184&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75e1a67f7d82d661dd60148321a286a6498b0f27bbf622810e43bb5d15575d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:58:56 GMT
x-content-type-options: nosniff
age: 196580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19891
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 08:23:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 11:58:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 2280 24 KB
9 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2280 3 KB
1 KB 40ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2280 20 KB
9 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1018 143 B
166 B 9ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=1009386844&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116049&bpp=1&bdt=1367&idt=184&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2280 202 KB
64 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2280 36 KB
15 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1018
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:17 GMT
expires: Sat, 02 Dec 2023 18:35:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2280 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35b29e2a2448a0b28d0462862fd52cdb1f56e92b3ec3b217b1ce2d0ca7248974

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 46CE 4 KB
728 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:24:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 46CE 2 KB
875 B 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 46CE 24 KB
9 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 46CE 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 46CE 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46CE 202 KB
64 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:17 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 46CE 37 KB
16 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H2 200 18094041740350341278
tpc.googlesyndication.com/daca_images/simgad/ Frame 26DA 87 KB
87 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18094041740350341278

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=600&slotname=8705626737&adk=2674453018&adf=1385442336&pi=t.ma~as.8705626737&w=231&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=231x600&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116376&bpp=2&bdt=1694&idt=2&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

959c2f98b64d5ae8f4c8b804837b7da716e7443b07ca8528cc568d081c550252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:28:50 GMT
x-content-type-options: nosniff
age: 212787
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89279
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 07:16:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 07:28:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 26DA 24 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 26DA 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 26DA 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26DA 202 KB
64 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:17 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 26DA 36 KB
14 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2394 143 B
166 B 14ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=600&slotname=8705626737&adk=2674453018&adf=1385442336&pi=t.ma~as.8705626737&w=231&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=231x600&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116376&bpp=2&bdt=1694&idt=2&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C789x280&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1103&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=3&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 46CE 21 KB
22 KB 42ms
8ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSXAoT-3zwJH9UHWb0nx7jSJ69DI0VavjDGHpbBSRqJkYHOTTrwm_Het7UGoA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0170e42a9e9d37acd6fb5b85d441a352fdb8308f6d0f46321cddbb7f7acdddba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:40 GMT
x-content-type-options: nosniff
age: 197557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21497
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 19:12:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 11:42:40 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 46CE 34 KB
34 KB 36ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ-EcQZ3w_kdmYfL71Yv8j2f6tNnxsviBAb6xHghYjegxIANWBoEX9jjHeg8IQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753bebf2df4f561b4e6411d770a7adb7b876eeaf4984c6036929cc4a7badc9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:05:39 GMT
x-content-type-options: nosniff
age: 34178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34405
x-xss-protection: 0
last-modified: Mon, 01 Jan 2024 10:57:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 09:05:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 46CE 23 KB
24 KB 41ms
7ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRlw69XdXUrT48WPj32s0ov_57PUlfJijEB0suXioJ4wXh6BhLV1bvCdWsenA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1757655415a390bd5be29289b4f1ed34a696faaa02862f7acb0b66777aaacd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:01:27 GMT
x-content-type-options: nosniff
age: 92030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23669
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 04:42:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 17:01:27 GMT

GET
H3

200

3995853839924061625
tpc.googlesyndication.com/simgad/ Frame 46CE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
https://tpc.googlesyndication.com/simgad/3995853839924061625

77 KB
77 KB

7ms
7ms

Image
image/png

2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3995853839924061625

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:57:06 GMT
x-content-type-options: nosniff
age: 189491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 17:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 13:57:06 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:10:37 GMT
x-content-type-options: nosniff
server: cafe
age: 5080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 2024 17:10:37 GMT

GET
DATA 200
OK truncated
/ Frame 26DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8993185a1e60abc73531a9c2a578e4e171f4799d78fbe3d72fba18e967e43f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2280
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2lmB5HhrZZDuF8Sh8wOL7bmQBfXx-qVywYK2spkSg-zz_QgQASCsoNgmYJWCgICYB6AB--TfmAPIAQKpAocWcjmKQrI-qAMByAPJhICABKoEgAJP0Mjpo1ULB6e7AiJbYQD6CnlQJEkTf1H...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223770390029294047003%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%2225...

0
0

57ms
41ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223770390029294047003%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222836576015216974593%22}&andc=true

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3770390029294047003","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"2836576015216974593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:35:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3770390029294047003","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"2836576015216974593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2394
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
15ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:17 GMT
expires: Sat, 02 Dec 2023 18:35:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 46CE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d29088cae4fcd3e75cc1d8c42253b7aa31db5fcf37d9ed8fb2370ce4dc87e3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C85D 51 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 26DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChJ0z5HhrZePxINSUpt8P5ZqAIMqOr8p0lq-phfcRv-EeEAEgrKDYJmCVgoCAmAegAYbvq5UCyAECqAMByAPJBKoE-AFP0LYP9dxhYKNzNFCWPpMy2pLNgQ3MMRoCHRs0VJ2Ce2pV1jGJ3V1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211936113010983118240%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%...

0
0

56ms
42ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211936113010983118240%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210138804710421581297%22}&andc=true

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11936113010983118240","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10138804710421581297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:35:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11936113010983118240","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10138804710421581297"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 46CE 21 KB
21 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:57:18 GMT
x-content-type-options: nosniff
age: 441479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Nov 2024 15:57:18 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 46CE 20 KB
20 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 33269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:20:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 46CE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Twb5HhrZcrMF-2qpt8PoaWe-A-Ri8y7dM2zpOOlEcq6jPG-ARABIKyg2CZglYKAgJgHoAGhwJjxKMgBCagDAcgDywSqBP4BT9BdjNpn25ACjYMvu8-zbD4Bw62ck2KgcQgTnxbrumpDmXH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227748631263976172756%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...

0
0

54ms
40ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227748631263976172756%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228267677843727598145%22}&andc=true

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7748631263976172756","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"8267677843727598145"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:35:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:35:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7748631263976172756","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"8267677843727598145"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7081 51 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&h=280&slotname=3882233011&adk=1626583491&adf=2647158304&pi=t.ma~as.3882233011&w=789&fwrn=4&fwrnh=100&lmt=1701540546&rafmt=1&format=789x280&url=https%3A%2F%2Fkroxam.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542116047&bpp=2&bdt=1365&idt=166&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&correlator=8636665337676&frm=20&pv=2&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
42ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:35:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame F36D 51 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:35:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:35:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 472E 559 KB
100 KB 1583ms
1582ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3819407587943201&output=html&adk=1812271804&adf=3025194257&lmt=1701540546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fkroxam.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701542117237&bpp=1&bdt=2555&idt=1&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ac43fde44820acc%3AT%3D1701542116%3ART%3D1701542116%3AS%3DALNI_MbD_J4maR4_4Dcsx40put1g2iXwNQ&gpic=UID%3D00000ce25c203c00%3AT%3D1701542116%3ART%3D1701542116%3AS%3DALNI_MbyS-XPcfcTez6z7BMZn_YnJsAiag&prev_fmts=789x280%2C789x280%2C231x600&nras=1&correlator=8636665337676&frm=20&pv=1&ga_vid=205295297.1701542115&ga_sid=1701542116&ga_hid=1142258978&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C42531705%2C44798934%2C31078301%2C31079861%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGsm3m7Th9XSuWCxXpf2OX5_8A9r9OvavtEdv20-by76btIoM-UhHLJGpvOI5IM1z1VKHpXnWk7LW-XjcwLUAe3UnLw%2CAOrYGsmI4xK2q4iRn7VyDg-vQ82gn_kguNJOCLycwEidINETHMEjlXmIuMKKqryH-_6zq0MSrWdbJr3mk1w3PImL1ni2QpuM%2CAOrYGsnB64Sjm6YIUUWJR6J9GGSgUdnTVX6UXNL_RDFrz8Z4vE5uX5OB-yJW1JMnGpaNDFcPcjzbMoaKNthSxXeLUKYNRiW6&pvsid=961939541984427&tmod=2111738786&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

260472909f58da7a6d788af1d509889ad936b2f0e7dec24128e02b96f23cacea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102676
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:35:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:17 GMT

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.9.4/dist/ 14 KB
4 KB 40ms
22ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.9.4/dist/leaflet.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2643810
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE73NSR1SX8EEG8SVZEN3M1M-fra
server: cloudflare
etag: W/"39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82f5ab3909f237f7-FRA

GET
H2 200 leaflet.js Show response
unpkg.com/leaflet@1.9.4/dist/ 144 KB
43 KB 47ms
30ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.9.4/dist/leaflet.js

Requested by

Host: weatherology.com
URL: https://weatherology.com/v2/widgets/js/homepage-wx-alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 145971
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGHHSS3RP2SB8V10ARSXVKT4-fra
server: cloudflare
etag: W/"24060-WmQP+GPnkCqMrCzmujfIezBnd2E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82f5ab3909f437f7-FRA

GET
H2 200 esri-leaflet.js Show response
unpkg.com/esri-leaflet@3.0.11/dist/ 67 KB
19 KB 31ms
31ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/esri-leaflet@3.0.11/dist/esri-leaflet.js

Requested by

Host: weatherology.com
URL: https://weatherology.com/v2/widgets/js/homepage-wx-alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8449120d20be60c85cda2b90eb54119162558c142c925c212a3f21fa89715464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kroxam.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 225787
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGF5P112XV2K2TNYTV0CZ908-fra
server: cloudflare
etag: W/"10cdb-31CLiDSlH/E3T/5YAYlD7rM2e/g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82f5ab394a5237f7-FRA

GET
H2 200 homepage-wx-alt.php Show response
weatherology.com/v2/widgets/ 15 KB
2 KB 137ms
137ms Script
text/html 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherology.com/v2/widgets/homepage-wx-alt.php?callback=jQuery3700865508057695962_1701542116420&wxApiId=tfWKNx3OttqnSy70uWzk7AN0kkHiXuOG&wxApiLat=47.7746&wxApiLng=-96.6094&_=1701542116421
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: f26a92134cbcb04842701fca432eafb2f72137dea916cfb98eeb01f6570f60ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
content-encoding: gzip
via: 1.1 google
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2211
expires: Sat, 02 Dec 2023 18:40:17 GMT

GET
H3 200 locked_degree_edit.png
weatherology.com/v2/images/ 17 KB
17 KB 122ms
122ms Image
image/png 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/locked_degree_edit.png
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: ff7452b9df8b23e24672f4b72b2885ee848bc4e57d33a3d3e6875de858cba0ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Tue, 16 Oct 2018 16:51:03 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "42c8-5785b5bea6bc0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17096
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 GT-Walsheim-Pro-Regular.woff2
weatherology.com/v2/css/fonts/GT_Walsheim/ 55 KB
55 KB 142ms
133ms Font
font/woff2 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherology.com/v2/css/fonts/GT_Walsheim/GT-Walsheim-Pro-Regular.woff2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: c3755e57e32de18adf7b83f3aebe33814932ec365ab8e42def14fd62dfcf80bb

Request headers

Referer: https://kroxam.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Fri, 20 Oct 2017 18:39:49 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "dc64-55bfecc2ee740"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56420
expires: Sat, 02 Dec 2023 18:40:17 GMT

GET
H3 200 GT-Walsheim-Pro-Bold.woff2
weatherology.com/v2/css/fonts/GT_Walsheim/ 57 KB
57 KB 133ms
124ms Font
font/woff2 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherology.com/v2/css/fonts/GT_Walsheim/GT-Walsheim-Pro-Bold.woff2
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: d0fc4d8608aee885e7560f1acf8f4fb0cec9100e6b29f7bd887fd2cd803947ff

Request headers

Referer: https://kroxam.com/
Origin: https://kroxam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Fri, 20 Oct 2017 18:39:48 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "e554-55bfecc1fa500"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58708
expires: Sat, 02 Dec 2023 18:40:17 GMT

GET
H2 200 / Show response
api.weatherology.com/data/ 6 KB
6 KB 395ms
169ms Script
application/json 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.weatherology.com/data/?callback=jQuery3700865508057695962_1701542116420&request=getCustom&token=tfWKNx3OttqnSy70uWzk7AN0kkHiXuOG&customEndpoint=getCurrents%2CgetForecast&lat=47.7746&lng=-96.6094&format=json&_=1701542116422
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 5ca33e5d82510a629bd7a32d283cbdfd2cd4cd8e1c85ac96ba5f25cd7c3fd63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 6372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 w.svg Show response
weatherology.com/v2/img/ 394 B
415 B 127ms
127ms XHR
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherology.com/v2/img/w.svg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 036fb44bb9e0c6a985aa4b7a917257894210f64b336d4e86157a3e3c03a414eb

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://kroxam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Tue, 14 Nov 2017 22:16:01 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "18a-55df8bb684a40"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 black_170_day.svg
weatherology.com/v2/images/icons/weather/svg/ 1 KB
1 KB 124ms
124ms Image
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/icons/weather/svg/black_170_day.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 21038290db9fe93435fbfde4afc5d283d15897d1dfc89b15190ef5bd318a1bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Thu, 01 Mar 2018 21:35:21 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "4f4-56660a30af961"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 w.svg
weatherology.com/v2/img/ 394 B
415 B 126ms
125ms Image
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/img/w.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 036fb44bb9e0c6a985aa4b7a917257894210f64b336d4e86157a3e3c03a414eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Tue, 14 Nov 2017 22:16:01 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "18a-55df8bb684a40"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 170_day.svg
weatherology.com/v2/images/new_icons_2022/ 3 KB
3 KB 124ms
123ms Image
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/new_icons_2022/170_day.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 24958efcb61d7a8bd0cd8eb338e0cda7837b1dd6e0bfcf323553b6875edb7e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Mon, 08 Aug 2022 17:48:28 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "cad-5e5be6c5af300"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3245
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 150_day.svg
weatherology.com/v2/images/new_icons_2022/ 2 KB
2 KB 120ms
120ms Image
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/new_icons_2022/150_day.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: f16d7a0726d6fd35e22f19bcc476146270cbec502fc11a1c0afdaf62b722c887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Mon, 08 Aug 2022 17:48:28 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "909-5e5be6c5af300"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2313
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 330_day.svg
weatherology.com/v2/images/new_icons_2022/ 7 KB
7 KB 125ms
124ms Image
image/svg+xml 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/new_icons_2022/330_day.svg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: f27cc991ae1a3de45bc5b150a2b55e1a18328b64ebb243fa200bd22cc6826559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:17 GMT
via: 1.1 google
last-modified: Mon, 08 Aug 2022 17:48:28 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "1ba1-5e5be6c5af300"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7073
expires: Mon, 01 Jan 2024 18:35:17 GMT

GET
H3 200 170_day_5.jpg
weatherology.com/v2/images/new_degree_2022/degree_conditions/170_day/ 224 KB
224 KB 122ms
122ms Image
image/jpeg 35.190.68.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherology.com/v2/images/new_degree_2022/degree_conditions/170_day/170_day_5.jpg
Requested by: Host: kroxam.com
URL: https://kroxam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.68.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.68.190.35.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f /
Resource Hash: 84d8350e49626e999abb0dfb2aed2b0502d7fc601d8091a7722514f2e6825049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:18 GMT
via: 1.1 google
last-modified: Mon, 08 Aug 2022 17:47:36 GMT
server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f
etag: "37ede-5e5be69417e00"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229086
expires: Mon, 01 Jan 2024 18:35:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e32dafc366609ccefb2538be4b2de02d06d5c73b66bf52ce8ed7742f117130b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12440
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 160 KB
55 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/reactive_library_fy2021.js?bust=31079861

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d3e6ba96820d0a6dd771c4acbe001112b3bb133d5a338376a5037ba344922d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55930
x-xss-protection: 0
server: cafe
etag: 9422300485007623513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 18:35:18 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 600F 9 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:05:06 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 00:05:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame B2DC 9 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:05:06 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 00:05:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 88FD 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:05:06 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 00:05:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 600F 4 KB
671 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 600F 205 B
520 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:42:43 GMT
x-content-type-options: nosniff
age: 100356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 14:42:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 600F 604 B
697 B 9ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:48:04 GMT
x-content-type-options: nosniff
age: 265635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 16:48:04 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 600F 16 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 23:44:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 600F 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:46:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B2DC 2 KB
566 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:45:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B2DC 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B2DC 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B2DC 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7CD 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B2DC 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B2DC 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgnidlTk55jMxyb-Oy_8aL_9Q6yKuF9kNHW11By2tBXz8W1V4DAG0KUPJl9imhIlRuBg54SmzAL8gMFUyXmvrLFJ1fGg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2DC 202 KB
64 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame B2DC 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 88FD 2 KB
566 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:24:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 88FD 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 88FD 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 88FD 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22F3 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 88FD 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 88FD 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1yvtDqtx_FAlSlb7mFDJtsyiiuPdFskYEuf9cdDd9eSH1VyKoTE6jVZUBjkx6_hk9O6cUvw90RpOneHOIcBR_sj0eBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88FD 202 KB
64 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 88FD 37 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E675 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A92 829 B
560 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e490ddfb42ad439894c25d4c29db169eb3cb9a23201949096b8387492870062e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JKQ-Hq-mj3NcqAhf0qJg0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kroxam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JKQ-Hq-mj3NcqAhf0qJg0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:35:19 GMT
expires: Sat, 02 Dec 2023 18:35:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame EF1D 6 KB
706 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:52:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EF1D 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame EF1D 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EF1D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB04 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EF1D 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EF1D 0
0 18ms
18ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUatrfkAii0gFaccySMJe4mrpM1hAl60Ip4lnQ2AxjMiMEMMs1CIYPBIwHlGGZR3Brml8j9vP7o9h4wCHGpOKgvuyXcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF1D 202 KB
64 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:35:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame EF1D 37 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C7CD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1&google_push=AXcoOmTax_KWWqYDhZOYZw-uPqHnd2-uPEnVtDI0LDOYfcsrhgNC2X2BYZyNhXnO7cC3IOxX-Pw9NBhGOW0_MLg-Cy9A-84pSZoivrs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM0MTAyNzY0NzcyMDY2ODM0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1

43 B
398 B

106ms
66ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C7CD 35 B
464 B 26ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKAtR0sGHmjhslVFaiRDz_0&google_cver=1&google_push=AXcoOmShPOjMcVSlVQ4B6HnOcZh_XoWyLxb0jtBAlxHIK2t3Y8GAnTteRm_IQBf9b__smJaE58iU9Txt6sOBiVVU_vElTlNzyX5DQek

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C7CD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8n...

43 B
425 B

181ms
180ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5ab456c23bb5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5047
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTKoP0Hkq3eSdTZtDX8ZPkZYT9X1FKgkZlCyMz4pnpMKNEZ6bE_xGqeqq2z9x0Z9ETuL-JpCKD8FTWjpg4xUNgtJDiDS8nY_uvZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5ab444aecbb5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7CD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmRLvD46-qYGKK9C2nvw4DAAD_onnxrNDVSuSfVu6uu1RBY2MRMoNV...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmRLvD46-qYGKK9C2nvw4DAAD_onnxrNDVSuSfVu6uu1RBY2MRMoNVaxalejphjoX1Mgd1Y3CaFLFGxNhvq-R0HWY54HlAuWtHz-

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230086-FRA
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701542119.114114,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmRLvD46-qYGKK9C2nvw4DAAD_onnxrNDVSuSfVu6uu1RBY2MRMoNVaxalejphjoX1Mgd1Y3CaFLFGxNhvq-R0HWY54HlAuWtHz-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7CD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBO2OEat8HsOIkpsk_TYi4Q&google_cver=1&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJJY18Wb7v1&google_hm=eS1GYlk3M0xaRTJwR3...

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJJY18Wb7v1&google_hm=eS1GYlk3M0xaRTJwR3MweVZ6bWtEdGtmd2RXS21zVE1KU35B

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 18:35:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQGpLsvEKolLhfAMDCUfhHVJtOPwgVXMkdskE71Qo0Xb-p9AJtmcerF7VNARwy_Pq1dz8oYEFd-WLYpXzSOoep66YJJY18Wb7v1&google_hm=eS1GYlk3M0xaRTJwR3MweVZ6bWtEdGtmd2RXS21zVE1KU35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7CD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAqjvuf2X8KUkIyCfVVgL9s&google_cver=1&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAqjvuf2X8KUkIyCfVVgL9s&google_cver=1&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgwNjM1NzgzMzM5NDUyNDQ3MA&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYE...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgwNjM1NzgzMzM5NDUyNDQ3MA&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZOy-NwwaLB4nlLqD5XcQ8Rs8oB

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgwNjM1NzgzMzM5NDUyNDQ3MA&google_push=AXcoOmRKZbIFXzJ867V_yajlmaQJNMaCVUpN_ZTzQbCH85byo7DVGEwkFC05klL7N7cagRo8GHHsYEZOy-NwwaLB4nlLqD5XcQ8Rs8oB
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C7CD
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDCh4NHV12NKCB63VTFAzHA&google_cver=1&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84YWb_gqs9ZNS8jQLMjZ0

170 B
329 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84YWb_gqs9ZNS8jQLMjZ0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGDi2hyZKn8XqXPYjng8xb7iozTlICx2dOBfKfEIEG29dU0_RWN0A3T44ClU0yOQQAnAx0x7aHPV84YWb_gqs9ZNS8jQLMjZ0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C7CD 0
130 B 44ms
14ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlCZ6LIyB8or6SapqqMIZIGI-hqKZI_APKfi3bI9p9KVG7DoGvFqfj5nNn84nJ6laWAYNL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 22F3 35 B
462 B 15ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKAtR0sGHmjhslVFaiRDz_0&google_cver=1&google_push=AXcoOmQXeDprueCSUa_ThW3yBO7obPtxHSsLByBfxyEsYIgjhMKNhFUMXf_fVKUPnrCekMXe3vO-5EMWXGWBxgQ7NpVlY4_GDdqEoxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 22F3 0
104 B 146ms
68ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENXYbhY6QtzRHbzd_0VtHsc&google_cver=1&google_push=AXcoOmSC22R7e2lbNBqxCLRcWf_MAquR0UTWdbxHlLaTR8tfd78US5rwf0mkiCVny8O3yi2DRd5kXISegmQrAQ8kQpUUUW0kYIat4Gg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22F3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmQiiFj0MHDuaeip1YTzM9ntFopDHNpkc5Ot0PZpDGg8cR00uRidQ1...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmQiiFj0MHDuaeip1YTzM9ntFopDHNpkc5Ot0PZpDGg8cR00uRidQ1Ux3M7kpn3nbw0RPKTNLafPbpaHDPdHDy4ZITmjefEHlJM

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230086-FRA
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701542119.114089,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmQiiFj0MHDuaeip1YTzM9ntFopDHNpkc5Ot0PZpDGg8cR00uRidQ1Ux3M7kpn3nbw0RPKTNLafPbpaHDPdHDy4ZITmjefEHlJM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 22F3 70 B
149 B 100ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPsxfAw3TRc5DJzM3gaRCFg&google_cver=1&google_push=AXcoOmR8CTU-bf3AGSFUoATVlKZVYRdYHFCkMVO40vOzSyIl3hiunkaI-GzitSl_kJ5hj9-Q4sn5fEzJ7c8BjjiILyTPstKX2Ak5B_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 22F3 0
174 B 36ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIcQ-idGLSkweHorwAVzF4I&google_cver=1&google_push=AXcoOmSWkZNvohaUVb38N0OUHvEms0lhqJgS0dqE32NafJjc3evbGDsO9ougKF8A8DWGyuhir34U3Nnc6emwZE-aZ56wNwy_NrLshMI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22F3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBO2OEat8HsOIkpsk_TYi4Q&google_cver=1&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6Icp...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6IcpAygIt_GU&google_hm=eS1oci5qZG9oRTJwRTk...

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6IcpAygIt_GU&google_hm=eS1oci5qZG9oRTJwRTkxa3JHN2FJWGNpNUlnQVh6Zk5jVX5B

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 18:35:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSgGCEsP9Fdm7_PDTbVaftIFz-U9ImDU66N5E6z9u3NPCWAX3tZ33BDqJjFt5TfsvZDR8_j133NyTFP9r_hbVW6IcpAygIt_GU&google_hm=eS1oci5qZG9oRTJwRTkxa3JHN2FJWGNpNUlnQVh6Zk5jVX5B
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 22F3 43 B
146 B 171ms
7ms Image
image/gif 18.192.232.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESENUiht0a_WYcF_ksDEEu7KA&google_cver=1&google_push=AXcoOmRHtbtn5LJAVfctyAzHZCmcQupszhWdLKu2eCeS5jRpJX0QHNNSuQAOIU1cSO24qNLOl7uPa4OMWQt97Q73SdAg9EI2CkZXaA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.232.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-232-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 22F3 0
40 B 32ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lag3mrvDlEdhM9aPaEDi5S2-LM0ZUh8H8Glj5K241EGLroQdgnYUxfpqywe3cmEgb3ogBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A92 0
0 47ms
47ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=961939541984427&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AB04
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1&google_push=AXcoOmSEBNagJw7ZOY4L1a9E5xWDw5T6dV4a4WvjhcRrkZ3L97wfc4_DYpFlYnnamceG8GDSiQoeJKVXGhSMmtKGBU0ITRoGhb8Fr8c
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQxMzA4NTI0MTc1ODU5NjI3Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1

43 B
398 B

105ms
64ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBgQT0jdP45DWMt1hCh9_s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AB04
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6...

43 B
401 B

181ms
181ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5ab45bc83bb5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 555
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF6wpIz1_UmdVC3m6ELduhM&google_cver=1&google_push=AXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmKtB77dghIoEm0FyQzElNN1iNK5CEdLO_HIclSThPW52NWjLxDGUwQwPNBPosifFWidksJxnfjPaYGKCdBlvCnLC8gO6wFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5ab449b38bb5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB04
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmTcF_Pe4pwwe8cxGt9FjlzR8xoJgVQUh3S6O03vWMbIvn9ln5rKiD...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmTcF_Pe4pwwe8cxGt9FjlzR8xoJgVQUh3S6O03vWMbIvn9ln5rKiDkaSthq_5HuWSmnHMgxdeBnuFy3z3fW1nqO9bpjMLo12s4

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230086-FRA
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701542119.140037,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELrmXr6qCAUSQ4CJQYr_Q7o&google_push=AXcoOmTcF_Pe4pwwe8cxGt9FjlzR8xoJgVQUh3S6O03vWMbIvn9ln5rKiDkaSthq_5HuWSmnHMgxdeBnuFy3z3fW1nqO9bpjMLo12s4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 sync
x.bidswitch.net/ Frame AB04 43 B
145 B 110ms
8ms Image
image/gif 18.192.232.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESENUiht0a_WYcF_ksDEEu7KA&google_cver=1&google_push=AXcoOmR2va47UShYiaCFLNGRRQLoACgcGxkEm5pj8TW9FmMUWyeBJ_QAYJz0SPRKazUUceVrXo2kDnVwpUnqnjreBzhf3HUi6YYMN94
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.232.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-232-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame AB04 43 B
363 B 54ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS_YGS-T-HgCHWa-qeb4UG5umgwb-_DIuqCN-ILOQz7UhwsqpSNYMa6_l9-iM5pfjw7XQ6m3QOgaLRXgx2DTY5UMaP7NBewJ-g&google_gid=CAESEB7KG8TqBPp8OahdH0UtWP8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:18 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219963
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AB04
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDCh4NHV12NKCB63VTFAzHA&google_cver=1&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5VZ1iUmOLVQwooY89cck

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5VZ1iUmOLVQwooY89cck

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5fkLjeu2VJdE_QeQ5JSwB7CTBUxj-GKSzrErFY_hRlrcZLNqbOc-nVYeVHYZN_R7JnvPnr_TbiDO5VZ1iUmOLVQwooY89cck
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame AB04
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIBjxXqt45jz...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTkJ7-w-gGj0g5pYtXpK3pN2tjp_IaIinP7uvq66CcDORZSFKBNnJDuAPWfHmOGndHh0TOoxBsUb3W2ubIanvcL2gVuYMokz3x4
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
44ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 18:35:19 GMT
pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB04 0
40 B 14ms
14ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMCUyvE3l5WPdHQsedrd2gzWWhcMIEmXH-0-Vo5WivYLVXCrZ9mrR-PYzTC90JduG9lQ7RIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BAD 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E675 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7263 51 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E28 51 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: kroxam.com
URL: https://kroxam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E675 0
11 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7VvKrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:35:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=961939541984427&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfOH-dwbi-3yxRh7534c4Ho0X1EbkWHbHZHcmT8n4woMqzPU95M9ExPU3MSfmZF03TAgAAAFtSAAAAA2gBBwoAcW-Xr9Oh3UnlZvhthouddB5rqW3CHzewDvrK-LtrJe_g3wmVWyfc7cxGHtlnnKfSH3GJ80urRknKR1bd6J2lNBXE4DSP0TRiovplauU-NaSgAtC7aYxw1BE3uYDMbDU2yILyBO7EvbZ531pYQTcfSELCmQK0pIV81_97EnOwzdxFtuxKWnShz-4gnTyomcorHYIo6_N110FxiKFoxhy997R6XBzdStQjQjlIDNX4BxXua4-B6KTsXUbwYAH4FlCAfaIjb-AwrrLyX_PjBoovD8w4QtfzaKc_3umafQ5mlnHoddWkQiVYxceP7qYt4FvknayUVZem1ZHzHGxZwbRcf9mpssDqdrxjYx0ghBcIFM37QJ5mFCeSfxc411_f1ikqVOzb8jTJ66yT9IRwkk5ltM-fES-tRTJz5mOYGDsC87GdIaQ6iI-iBpa98nJxReg2ShMKDn8AvfcZD7TcVuqPRg5DAFDrfRj0sW6yiG48VnW1j7KUOjlnIso53s0SBY02vEn_koNdA07PMdfYxUeW9UB82ZiJlP3xYyG-_EH3ohUtS_cluXX2uugM8t5X_WOGOZAQy2MdJcOWZLCp7yFaxdwcyL5FvYkEY5BKT0WDRe_Q3bA2c9a8cR4gD0F_WsdsjwySlTS1_BiDo_3_zGHFvi3l80sXpyGDlbh9brZ8OHMUuVWepDC4KhXVctxg4Jmi4fGAAOoiGb_U9TZWwvFeG-0bnsJFM4QLpJrm9NYN-S2j1_A2jSUKN8-md1nZBll3OPeffYIqRlVXlkvyyLrvLgNsA5N_pLP0fHefD84egbakJw39lGN9wUkYKnA17QUCKCCl9j_gm9TjPaVnzQGWwTLiNy87aYHyZ15R1HNMszstRVUCirXXHORPmyFIQhNy_dhqIophQCOErygsX0-vNl3-9dUTR12J6rGy_8oHnFwqVmDLdmzBi8PQlay7oMmj9qOAXs7FKCIwwfd09TyzfQhActp6V_xbWIuQphlekTw6CoFGr774iwQ7M0Kg_3Zel9ilWqhFtBHql_4Mvl47t-q5NWBfj8u1UwcA_2Wf9FBtS1s2iJiRW8o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kroxam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kroxam.com/	1970-01-21 02:15:02	Name: _ga_EQZY1YJ3F3 Value: GS1.1.1701542114.1.0.1701542114.60.0.0
.kroxam.com/	1970-01-21 02:15:02	Name: _ga Value: GA1.2.205295297.1701542115
.kroxam.com/	1970-01-20 16:40:28	Name: _gid Value: GA1.2.898429221.1701542116
.kroxam.com/	1970-01-20 16:39:02	Name: _gat Value: 1
.kroxam.com/	1970-01-20 16:39:02	Name: _gat_gtag_UA_26461317_8 Value: 1
.kroxam.com/	1970-01-21 02:00:38	Name: __gads Value: ID=9ac43fde44820acc:T=1701542116:RT=1701542116:S=ALNI_MbD_J4maR4_4Dcsx40put1g2iXwNQ
.kroxam.com/	1970-01-21 02:00:38	Name: __gpi Value: UID=00000ce25c203c00:T=1701542116:RT=1701542116:S=ALNI_MbyS-XPcfcTez6z7BMZn_YnJsAiag
.doubleclick.net/	1970-01-20 16:39:05	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:00:38	Name: IDE Value: AHWqTUmxRmOq8DzeX_bvmP2VqC7cNp66E4E5xgu9TAGtZcWVmkh7JO_lFQeX22oTQ2I
kroxam.com/	1970-01-20 17:22:14	Name: apsa_embeds_info Value: {"1":{"campaign_id":"1","last":"1","last_id":"20"},"10":{"campaign_id":"10","last":"0","last_id":"22"},"16":{"campaign_id":"16","last":"0","last_id":"34"},"17":{"campaign_id":"17","last":"0","last_id":"25"},"33":{"campaign_id":"33","last":"0","last_id":"45"},"48":{"campaign_id":"48","last":"0","last_id":"65"},"68":{"campaign_id":"68","last":"0","last_id":"99"},"69":{"campaign_id":"69","last":"0","last_id":"100"}}
.googleadservices.com/	1970-01-20 18:48:38	Name: ar_debug Value: 1
.quantserve.com/	1970-01-20 18:48:38	Name: d Value: EHoBCQHIKoEA
.quantserve.com/	1970-01-21 02:09:16	Name: mc Value: 656b78e7-14225-ca27d-c07fe
.blismedia.com/	1970-01-21 01:24:42	Name: b Value: 656B78E70E3EEFFFF06E6AC6BLIS
.adform.net/	1970-01-20 17:23:40	Name: C Value: 1
.yahoo.com/	1970-01-21 01:24:59	Name: A3 Value: d=AQABBOd4a2UCEAVfTFJlJIl27QsTR7Yq2SIFEgEBAQHKbGV1ZQAAAAAA_eMAAA&S=AQAAAsLFQqP36SAPs21q21-A1p0
.adform.net/	1970-01-20 18:05:26	Name: uid Value: 5806357833394524470
.everesttech.net/	1970-01-21 01:24:38	Name: everest_g_v2 Value: g_surferid~ZWt45wAD9ym2wwAM
.tribalfusion.com/	1970-01-20 18:48:38	Name: ANON_ID Value: aEntuJRZdySbAIUMnXUx7IdrZcxEZcO7t9BWYOJxDMYtwf3xAG2JZaBH1VRcbENqciOPOKRFhpJeYYVrc9iHpdxatZaZap
.turn.com/	1970-01-20 20:58:14	Name: uid Value: 8413085241758596277

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ajax.googleapis.com
api.weatherology.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kroxam.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
unpkg.com
weatherology.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.186.98
151.101.66.49
162.144.33.60
178.250.1.9
18.192.232.229
2001:4860:4802:32::36
216.58.212.162
23.35.237.56
2606:4700::6810:7eaf
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2001
2a00:1450:4001:802::200a
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9c
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:6047:ce6a:6df1:a9de
3.33.220.150
34.96.105.8
35.190.68.40
37.157.6.232
46.228.164.11
51.89.9.252
0170e42a9e9d37acd6fb5b85d441a352fdb8308f6d0f46321cddbb7f7acdddba
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
036fb44bb9e0c6a985aa4b7a917257894210f64b336d4e86157a3e3c03a414eb
0477db11333c3293fcd98deeac5e86584e51b6e9256e3bedd50edea1cf347a1f
05b547ee7ca44f508bf0c06351f1e4ff84bd05ff1f0b2f7dab720180d778cbff
06e2cbee1cd23b3253759d2b851beb965321e1f887d36a1f187234db8b357292
093073011c40e1db0aecc3eeb1488b2bc70f594c84caa968656cadef984bde72
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0ad866383c29d43b62ce761d2030d4ff9ee918f4e5cdddad7d4682bb694ef042
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
119349fa393e6ed3de0643fbcb1b60b75a2533af3c029c201b6f7fef36b9656a
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7
11e13c18164c5eea44deeeba445e793504bffa1bc221464e6c163b64a114d17d
12e0666f7437668fa84a7d72769d5d09094d9f433526643f9f018936b8de5158
13e8162655ecee0f0bda191003d5d7532898884887b9e209c054f9a85d531ad6
1757655415a390bd5be29289b4f1ed34a696faaa02862f7acb0b66777aaacd37
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a36e3a78e2133e4c0679ab1ed0b3ab7f006deec44f1c58295851ae05fb20643
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b48cb1fa81fc7da96a7ff4f0129ea30ae7f799c06a51c0b1e2dd1df25ad8b0e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21038290db9fe93435fbfde4afc5d283d15897d1dfc89b15190ef5bd318a1bc2
24958efcb61d7a8bd0cd8eb338e0cda7837b1dd6e0bfcf323553b6875edb7e7f
253817d06ade2c59d38e5b4e34017d4e3d00b27f2b3466ef33f9942501fb2b46
260472909f58da7a6d788af1d509889ad936b2f0e7dec24128e02b96f23cacea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336a25d31d729ad4223f664f1c0e4f82778979cb5ca97edd303d40241d6b272c
35b29e2a2448a0b28d0462862fd52cdb1f56e92b3ec3b217b1ce2d0ca7248974
3925be10d7d8717b83b2ae08b702d0b0492b9cef951846bed7b7ef3910c8b6af
3b39e538580e6e84e8233a168f3411450cefa67ab1ab9638412fd05e7b89fdeb
3ccd89c00227b7d92d8171927b8a8c53834f4e1625ee6f99a7fdef81b2656feb
3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d
4044790b8dfbcef4ac93778837154a084e8df9043833894e7480f013a2c86ec0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de33c9ee97874e1d4556ff9b7d1cf10ab5059bdaefae8e1d668e2af342882e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50102005e933a1c93fd7b82b700723a4a03cd66bea9f3d62a6902814ba954275
53c83e6bf2168230c77453c313b56d4ce737b239c313443feba8eaeb4b33f2db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b8fb01c4634d81f4fe444f85a62627091a432ace0664f3022b57b0625ed796
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b38ca017f55598afab3b5fbd02d2c979da1de26d97c74d442e258d155d59ff
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca33e5d82510a629bd7a32d283cbdfd2cd4cd8e1c85ac96ba5f25cd7c3fd63b
5da6e215c2c4cf0268a6b1565f396e2258c14b325e975d7a1d12f95d6f10f280
5e32dafc366609ccefb2538be4b2de02d06d5c73b66bf52ce8ed7742f117130b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643644074548b8cfa54ce86be98172b662777d31ce9b38ad9d0241fc12647efb
67e17eded48efd41da15c98b87275c8c4ef6a641859c4f253f0409219bdcad13
753bebf2df4f561b4e6411d770a7adb7b876eeaf4984c6036929cc4a7badc9da
75e1a67f7d82d661dd60148321a286a6498b0f27bbf622810e43bb5d15575d05
780a16112b4894caa63097620ac5b85f0be612e18c62f0d00c02c323d3bfdffb
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6
792180698e17019192621dfb6615fb58b7b158c5bcb9c8e08ee92d51bea79791
801b3a26f4f89ae50c0501d3d1a6064dbf9ebc4660ba75e8de40f15bfc0b6f74
82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420
8449120d20be60c85cda2b90eb54119162558c142c925c212a3f21fa89715464
84d8350e49626e999abb0dfb2aed2b0502d7fc601d8091a7722514f2e6825049
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852d6a236b8808349300754ea6a759c43f04bb6ae705446018cd9f4f8f027ad4
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8897076fcc8e88cb8f31cb3ea4ba947e6ef31943bcf616e8104e9ab2c4346fb1
8993185a1e60abc73531a9c2a578e4e171f4799d78fbe3d72fba18e967e43f1f
89b7ef155312a6e5c22a285fe0683b791e6bd6bb6e564e582881fa808ae6b68e
8aefab739d201f6ebc8ae31e19b3dd9bd4db1ca80862c8f6225db61f6bf180e1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90ecf36be1d43c5bee26ce7977f2ddaa5d2e9b1ed732c034eeecf8c1e87e5f6c
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
959c2f98b64d5ae8f4c8b804837b7da716e7443b07ca8528cc568d081c550252
96d7a3448aff4d56ef386f6c3e5799140d5660bbe5d63aeb861b2f1ba8e57bbf
9a39fe1165cd2dd5735eec751e6950229961812c23b5e5a98e30ccf86f1ac1f0
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d3e6ba96820d0a6dd771c4acbe001112b3bb133d5a338376a5037ba344922d4
9e0e37301726882418294833d0d84cd1c17225245143beca05137be5e768bf40
9e157711292fc9569811cbbe08ce66ce678f2fee31bf323f4f8fb4f5edc5d00b
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a339245fccc68b9dece15a32325ecbbfa0fb176f1f1bda51d3146225d1021d15
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a51003115e6640ac72b7a1c6525250bd66ff3cb60f207168c9aef0369c484098
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
a92a874d1b2c84f16bb18b05ee65743012367ae055d2781ba7730baaf0139465
a9b277d0cea26500af3ade0b7752ffa4efe6c73a7c587e95fa481effdcecce11
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af1b1ad98ad2b941bf4695d2f17684a93bbf46bb530b571ba275a8253519a20a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b987f0a1d971940fef7f260fb73d242b3d561183e3945fc2a378dad94cf55abc
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd5e093f09b13349cb865180c09a4e8c97125442aacef672c05c42908a55f3be
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c16cce59c91052b3fb58ca67a540e9b0493e7a42528c219f704a29b30904372d
c3755e57e32de18adf7b83f3aebe33814932ec365ab8e42def14fd62dfcf80bb
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c5e88c16be6045f46a1df3ae8f8e38ca10778910e491b77e9d3aaa354010bebe
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85
d07ff671faf8f28c8859f1bead7fd35a55c69b7bab545ed7de56b7f44c3aaaaf
d0fc4d8608aee885e7560f1acf8f4fb0cec9100e6b29f7bd887fd2cd803947ff
d29088cae4fcd3e75cc1d8c42253b7aa31db5fcf37d9ed8fb2370ce4dc87e3a8
d34230d51585e0d7a7500c2adcd1425caf9edf24c32c61e1c2f1608276e482d5
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e490ddfb42ad439894c25d4c29db169eb3cb9a23201949096b8387492870062e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec1da03c057b040456db269c5d72a405fa53ffe556182f54e46611d720547175
ed4984390c58748993be5915c45df2c9d9c9cf9cf23655f19dd7385dfc416620
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f050fd052a21620c83566dfabadd8a606f18df450216a15e0bd2501d9fd1e70e
f16d7a0726d6fd35e22f19bcc476146270cbec502fc11a1c0afdaf62b722c887
f198fe4db6ec41b8ef2e653b159fe54e5cd5fa66bc91fad56ceb306d46ff9dd0
f26a92134cbcb04842701fca432eafb2f72137dea916cfb98eeb01f6570f60ee
f27cc991ae1a3de45bc5b150a2b55e1a18328b64ebb243fa200bd22cc6826559
f2be0d99588fd30f81f9d519e27422142ecb0af1d4ed5bc7e81d4eb32fe99978
f49e16149fd134ecdfc927cebab7226960180071da626926c60d03600d169db9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88c4ed11e85ec5348ac5bad09288733c73963b652d56621e784b53c4faaf8db
fa14c860be44dc6d26b3d21fd3cce04435b4c972626654a0d651e6e9c5d9be03
fcc8e147f90109d380cced0d61c2edd431787f7a0edaf174c4107972255100fd
ff7452b9df8b23e24672f4b72b2885ee848bc4e57d33a3d3e6875de858cba0ef

kroxam.com Open in urlscan Pro 162.144.33.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

217 Requests

92 %HTTPS

62 %IPv6

26 Domains

38 Subdomains

31 IPs

8 Countries

5053 kBTransfer

10572 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kroxam.com Open in urlscan Pro
162.144.33.60 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

92 %
HTTPS

62 %
IPv6

26
Domains

38
Subdomains

31
IPs

8
Countries

5053 kB
Transfer

10572 kB
Size

20
Cookies

217 HTTP transactions
4 data transactions