urlscan.io logo urlscan.io
SecurityTrails logo

aa.fhmtk.com Open in urlscan Pro
66.29.132.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3VmVeA6?cm=mega
Effective URL: https://aa.fhmtk.com/?p=8
Submission: On April 14 via manual from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 82 HTTP transactions. The main IP is 66.29.132.46, located in United States and belongs to NAMECHEAP-NET, US. The main domain is aa.fhmtk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 10th 2024. Valid for: 4 months.
This is the only time aa.fhmtk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
19    66.29.132.46 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business138-4.web-hosting.com
aa.fhmtk.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
4    2606:4700:20::681a:11b (United States)

ASN13335 (CLOUDFLARENET, US)
striveme.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
15    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
402 KB
19 fhmtk.com
aa.fhmtk.com
374 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 402
104 KB
6 gstatic.com
fonts.gstatic.com
238 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
8 KB
4 striveme.com
striveme.com
257 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665
119 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
169 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
697 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
252 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2280
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
87 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6080
282 B
82 13
Domain Requested by
19 aa.fhmtk.com aa.fhmtk.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 pagead2.googlesyndication.com aa.fhmtk.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 fonts.gstatic.com aa.fhmtk.com
fonts.googleapis.com
6 tpc.googlesyndication.com aa.fhmtk.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
4 striveme.com aa.fhmtk.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 securepubads.g.doubleclick.net aa.fhmtk.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com aa.fhmtk.com
1 region1.google-analytics.com www.googletagmanager.com
1 fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.gravatar.com aa.fhmtk.com
1 www.googletagmanager.com aa.fhmtk.com
1 bit.ly 1 redirects
82 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
wa.me
striveme.com
www.ar-themes.com
Subject Issuer Validity Valid
aa.fhmtk.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-10 -
2024-07-03		 4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-19 -
2024-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://aa.fhmtk.com/?p=8
Frame ID: 32C9DCE1AC66BA276498ED50F2DF11B2
Requests: 45 HTTP requests in this frame

Frame: https://fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1AE7A943E6F89AEBD494F10042073713
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: 462DD471A4DE61D78318FA455A4FB80D
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: BF2EFCFCCCE0E7E47D25176902525F2C
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Frame ID: 01F6834132C89DC9593E930B756482CC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA18F07DB0E1CF0C30EA24C0FC8377C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

سيارة بوغاتي – aa

Page URL History Show full URLs

  1. https://bit.ly/3VmVeA6?cm=mega HTTP 301
    https://aa.fhmtk.com/?p=8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

82
Requests

94 %
HTTPS

72 %
IPv6

13
Domains

15
Subdomains

18
IPs

3
Countries

1761 kB
Transfer

4857 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3VmVeA6?cm=mega HTTP 301
    https://aa.fhmtk.com/?p=8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aa.fhmtk.com/
Redirect Chain
  • https://bit.ly/3VmVeA6?cm=mega
  • https://aa.fhmtk.com/?p=8
125 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
9a4e781b76acf550e23ccd72a4b24b1bb8e3e6a65b4dfedcd7a63efac971d46a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 03:23:27 GMT
link
<https://aa.fhmtk.com/index.php?rest_route=/>; rel="https://api.w.org/" <https://aa.fhmtk.com/index.php?rest_route=/wp/v2/posts/8>; rel="alternate"; type="application/json" <https://aa.fhmtk.com/?p=8>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-pingback
https://aa.fhmtk.com/xmlrpc.php
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
112
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sun, 14 Apr 2024 03:23:26 GMT
location
https://aa.fhmtk.com/?p=8
referrer-policy
unsafe-url
server
nginx
via
1.1 google
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e23805894e3e275d230f093240718dd821c97b01d4ab589e13ed8579dbb4149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29534
x-xss-protection
0
server
cafe
etag
195 / 19827 / 31082723 / config-hash: 10044149075479355345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Apr 2024 03:23:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157224696357601
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
316148a2ba4e5ed0c0d45c7082fe48fc4e529661c0ffa7e971ce2b53948528d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51172
x-xss-protection
0
server
cafe
etag
8234920218383229602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Apr 2024 03:23:27 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHSVJRPB5R
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54c5fc28ce44a85aa9bd50293ca885694f7b5ec92ef58fde6484ef53054b228e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88662
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Apr 2024 03:23:28 GMT
style-rtl.min.css
aa.fhmtk.com/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4c2e92c45a2c2768dc59e9e9d62582bcf44d2326a2b16072d9619a60af6a398a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 21:37:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14048
expires
Sun, 21 Apr 2024 03:23:27 GMT
style.css
aa.fhmtk.com/wp-content/themes/bahr/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
24cd49deda453a2cef4d9f8d36e606af1040c874d651714ef5f24de9d848b772

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15870
expires
Sun, 21 Apr 2024 03:23:27 GMT
animate.min.css
aa.fhmtk.com/wp-content/themes/bahr/css/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/css/animate.min.css?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3733
expires
Sun, 21 Apr 2024 03:23:27 GMT
jquery.min.js
aa.fhmtk.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 02:44:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
29744
jquery-migrate.min.js
aa.fhmtk.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 15:19:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4678
rtl.css
aa.fhmtk.com/wp-content/themes/bahr/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/rtl.css
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
014d1396c9dcab6c33acbe7d8def9909c59352474aeede15759cfc04146196a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2501
expires
Sun, 21 Apr 2024 03:23:27 GMT
/
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/?s=80&d=mm&r=g
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sun, 14 Apr 2024 03:23:28 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="none.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
alt-svc
h3=":443"; ma=86400
expires
Sun, 14 Apr 2024 03:28:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8511048638520118
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ba7bd717805c57c56449adc5a491ab70a498e89d7758fb859fc2e34c9ac4516f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51071
x-xss-protection
0
server
cafe
etag
11812113045784115098
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Apr 2024 03:23:28 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-1.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-1.jpg
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6df6061433cb941cfb2ddcfb11c78f11c17a68b39e668b30dd0500a60b5084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
804214
content-length
98495
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:31 GMT
server
cloudflare
etag
"62b192ff-180bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1%2BjUjE4zi16kxwYgypS98lyRAXRIpj%2FG9x2rv8ExcdvpCNQBUewPMGSnGsKnojw4%2F5q1sAqwrV%2BkNwdGA9KVm%2FNnsOAwnMuzVM3%2F0MdC%2BCQ4SyXV5NvC1h6wzAowxFevfCfjKoL%2BoAc4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874093cb1cbd91e9-FRA
expires
Sun, 07 Apr 2024 17:48:53 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-2.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-2.jpg
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce44ccff82fc30d850f4b9ce5d47b1b727f9600d24b0f3bf2b755d7e0795304c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791686
content-length
80119
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:43 GMT
server
cloudflare
etag
"62b1930b-138f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8IgQwyz6fsqjCYfyeJbl1TEylN2%2B8bU5XKJ5rBJs0G9rq4pVEfcC8Py8QErXi8x0T%2FaLwW1ZckdHaD65QoJlPyjI9DgCYKtMWDwdV4po21ibydDMDhjH6HWy6WifIQyMTpGZijhFkBL8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874093cb1cbb91e9-FRA
expires
Thu, 11 Apr 2024 03:40:45 GMT
%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-3.jpg
striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/2022/%D9%85%D8%B9%D9%84%D9%88%D9%85%D8%A7%D8%AA/6/%D8%B3%D9%8A%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A8%D9%88%D8%AC%D8%A7%D8%AA%D9%8A-3.jpg
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9122761c316ef0bf7010f8a4005233de4a7963a7fa519cf50955a4e354f3729

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791686
content-length
74223
cf-bgj
h2pri
last-modified
Tue, 21 Jun 2022 09:44:55 GMT
server
cloudflare
etag
"62b19317-121ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wenGROzXf4HOZOgqQbyFH%2BsPRwQ1GrEJP1NpopMsaWUI0K3canCXYk%2BbjAtx08HzyxjaICCZrLH%2Bd1L68uzxGh6UZV80h0ayrP2dnQOVCx1g2m4ZnR0gF319LAwlUQiCrejnLBEvLsQ15A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874093cb6cce91e9-FRA
expires
Fri, 12 Apr 2024 02:32:29 GMT
default.png
striveme.com/img/default/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://striveme.com/img/default/default.png
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e34a19e0b985c840177b483cc1fad9b02a2ede18773f92acf35c73cfe6eed4e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:27 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2017 11:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
807567
etag
"59f70c43-1f62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xg3jIS35WBZUc3OuyiFCpvqIgxKLGOZAgGTXct436EvHJyPGePSle6K0VfRM35wvL4vtes6oWA7%2BRO2kCTvkrQUd4OGhqhQKO7PxSZIEH2sUv8482ENLE6%2BkUEjNjq5nH2qysYRce3g0ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
874093cb8cda91e9-FRA
content-length
8034
expires
Sun, 07 Apr 2024 19:12:24 GMT
font-awesome.min.css
aa.fhmtk.com/wp-content/themes/bahr/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6281
expires
Sun, 21 Apr 2024 03:23:28 GMT
hoverIntent.min.js
aa.fhmtk.com/wp-includes/js/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sat, 09 Apr 2022 05:37:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
668
wow.min.js
aa.fhmtk.com/wp-content/themes/bahr/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/js/wow.min.js?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2576
jquery.sticky-kit.min.js
aa.fhmtk.com/wp-content/themes/bahr/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/js/jquery.sticky-kit.min.js?ver=1.1.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1194
theia-sticky-sidebar.min.js
aa.fhmtk.com/wp-content/themes/bahr/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/js/theia-sticky-sidebar.min.js?ver=1.7
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1631
scripts.js
aa.fhmtk.com/wp-content/themes/bahr/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/js/scripts.js?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8762c3da365e2c392b99d8ca2ee3bab9157dd95df7abb86d0f9a3681b22a48c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3056
skip-link-focus-fix.js
aa.fhmtk.com/wp-content/themes/bahr/js/ 		880 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
380
comment-reply.min.js
aa.fhmtk.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/js/comment-reply.min.js?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Sat, 09 Apr 2022 05:37:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1228
da428315-b772-4444-b15f-04e75d59cf77
https://aa.fhmtk.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aa.fhmtk.com/da428315-b772-4444-b15f-04e75d59cf77
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157224696357601&plah=aa.fhmtk.com&aplac=true&bust=31082672
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157224696357601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bd73951c092685c7082ee5b818d0acac281defa82dfb12efc983c73882ae5a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141641
x-xss-protection
0
server
cafe
etag
2720021253227648561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Apr 2024 03:23:28 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/ 		448 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
62540
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143226
x-xss-protection
0
server
cafe
etag
18387702370034619198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:01:08 GMT
Al-Jazeera-Arabic-Bold.woff2
aa.fhmtk.com/wp-content/themes/bahr/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/fonts/Al-Jazeera-Arabic-Bold.woff2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
daf6aaa186a4d54af9938e17fbf8bb7b9fe3f3345f93d6cf0c3360cab8c9ae0f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/wp-content/themes/bahr/style.css?ver=6.5.2
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15780
expires
Sun, 21 Apr 2024 03:23:28 GMT
Greta_Arabic_Regular.otf
aa.fhmtk.com/wp-content/themes/bahr/fonts/ 		154 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/fonts/Greta_Arabic_Regular.otf
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/wp-content/themes/bahr/rtl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/wp-content/themes/bahr/rtl.css
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
157992
content-type
font/otf
fontawesome-webfont.woff2
aa.fhmtk.com/wp-content/themes/bahr/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-content/themes/bahr/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/wp-content/themes/bahr/css/font-awesome.min.css?ver=4.6.3
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
last-modified
Sun, 10 Mar 2024 21:43:00 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
71896
expires
Sun, 21 Apr 2024 03:23:28 GMT
ads
pagead2.googlesyndication.com/gampad/ 		52 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3147661605416908&correlator=978152856393266&eid=31082615%2C31082743%2C31082723%2C95327818&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Csa&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&sc=1&abxe=1&dt=1713065008595&lmt=1713065008&adxs=920&adys=3408&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Faa.fhmtk.com%2F%3Fp%3D8&vis=1&psz=599x250&msz=599x250&fws=4&ohw=1600&ga_vid=1156439534.1713065009&ga_sid=1713065009&ga_hid=1473917248&ga_fc=false&dlt=1713065007797&idt=782&adks=3069156523&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c3597662d7d32f7b62cbcb638b32a4185c0220de68da09089f397e622a45fa6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12593
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://aa.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		53 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3147661605416908&correlator=978152856393266&eid=31082615%2C31082743%2C31082723%2C95327818&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Ck&enc_prev_ius=%2F0%2F1&prev_iu_szs=930x180&ifi=6&sfv=1-0-40&sc=1&abxe=1&dt=1713065008602&lmt=1713065008&adxs=290&adys=4891&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Faa.fhmtk.com%2F%3Fp%3D8&vis=1&psz=599x180&msz=930x180&fws=4&ohw=1600&ga_vid=1156439534.1713065009&ga_sid=1713065009&ga_hid=1473917248&ga_fc=false&dlt=1713065007797&idt=782&adks=1231755794&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2a3b17dc58fc3d46410ae253e31e3d4bd4af253ec4c63564a0ee1505d1d515e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12746
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://aa.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		55 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3147661605416908&correlator=978152856393266&eid=31082615%2C31082743%2C31082723%2C95327818&output=ldjh&gdfp_req=1&vrg=202404110101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23089978430%2Cn&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x200&ifi=7&sfv=1-0-40&sc=1&abxe=1&dt=1713065008605&lmt=1713065008&adxs=470&adys=6066&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Faa.fhmtk.com%2F%3Fp%3D8&vis=1&psz=599x200&msz=750x200&fws=4&ohw=1600&ga_vid=1156439534.1713065009&ga_sid=1713065009&ga_hid=1473917248&ga_fc=false&dlt=1713065007797&idt=782&adks=3355218837&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6ec74cda4695e7c84c2465852f6e5af0120e0f2894e59e344036ee075c5183d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://aa.fhmtk.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://aa.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 03:23:28 GMT
expires
Mon, 14 Apr 2025 03:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZHSVJRPB5R&gtm=45je44a0v9133976942za200&_p=1713065007820&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1156439534.1713065009&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713065008&sct=1&seg=0&dl=https%3A%2F%2Faa.fhmtk.com%2F%3Fp%3D8&dt=%D8%B3%D9%8A%D8%A7%D8%B1%D8%A9%20%D8%A8%D9%88%D8%BA%D8%A7%D8%AA%D9%8A%20%E2%80%93%20aa&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2133
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHSVJRPB5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 14 Apr 2024 03:23:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aa.fhmtk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-9157224696357601
fundingchoicesmessages.google.com/i/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9157224696357601?href=https%3A%2F%2Faa.fhmtk.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157224696357601&plah=aa.fhmtk.com&aplac=true&bust=31082672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
661cb5076d6de29698ac1662325adc0ee01a27110c25e1e4429184e0f251f676
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yGWT2eUVN5s8vEeYbcAxaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-yGWT2eUVN5s8vEeYbcAxaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo4NM95uYBO48HtiPzMA_tYrRQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
aa.fhmtk.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.fhmtk.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.46 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business138-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/?p=8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:28 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 21:37:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4676
AGSKWxUe_x8H-ziPbIYP4kooq78ztMxvpWa_VGtQ-E6zLQcgrWAbDRce8hGhPsXK1jH3k7Ac67NQuZdF06H7Evy9FaKrcjRQtpSNVpNVzTRMoKCgSzKZ8RGIuFutcUl6hIloDP7lsa_TDg==
fundingchoicesmessages.google.com/f/ 		371 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUe_x8H-ziPbIYP4kooq78ztMxvpWa_VGtQ-E6zLQcgrWAbDRce8hGhPsXK1jH3k7Ac67NQuZdF06H7Evy9FaKrcjRQtpSNVpNVzTRMoKCgSzKZ8RGIuFutcUl6hIloDP7lsa_TDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMDY1MDA4LDkzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hYS5maG10ay5jb20vIixudWxsLFtbOCwiZ3R4dkhWcnNBdHciXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMTQ2XSxudWxsLDEyXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMwelkfqZL0zPQw3yI4VBWUNtzTeBw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24337769996c75a0c478e2d79ae77f9ddfe426599c4664c913d59a61035dc419
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SLVggF9GB-kSsfv45Kp4Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-SLVggF9GB-kSsfv45Kp4Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo6NM95uYBOYMeU4IwDN7ypC"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame 462D 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 462D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 462D 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 462D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 462D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame 462D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 01:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 03:23:29 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7515342186712402129/ Frame 462D 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7515342186712402129/14763004658117789537
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa6446e57581ec80184234e7d7ba575b8ee72e4999b07967a498736296b9893d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 13 Apr 2025 22:17:09 GMT
date
Sat, 13 Apr 2024 22:17:09 GMT
x-content-type-options
nosniff
age
18380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87653
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 09:20:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/10110654375604719762/ Frame 462D 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10110654375604719762/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c35d1026745d22cc3e8260fb534e24e71bfd519286d24d204acd2015744f2002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 10 Apr 2025 09:41:29 GMT
date
Wed, 10 Apr 2024 09:41:29 GMT
x-content-type-options
nosniff
age
322920
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10676
x-xss-protection
0
last-modified
Sun, 23 Jul 2023 15:06:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 462D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31240eadfb8c6d44558ed86dea062f6461f34e64e7b86037aaf159c59f024989

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 462D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 18:47:05 GMT
x-content-type-options
nosniff
server
cafe
age
30984
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sun, 14 Apr 2024 18:47:05 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 462D 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 19:48:29 GMT
x-content-type-options
nosniff
server
cafe
age
27300
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 14 Apr 2024 19:48:29 GMT
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwk61vKr_lXaz8aBmX4W9RvMB1twQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 03:23:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 03:23:29 GMT
NKJ9cblpbe147sC9asz1qPSyUc0okVbkCgcSWL6KVFmw4RuJbu864GEIr28d7f5tlLKdi8VIoOmQ2YgZSpqZWyCx237f1pBjNeUqt7WFL6_cLgLr-lE=h60
lh3.googleusercontent.com/ 		400 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/NKJ9cblpbe147sC9asz1qPSyUc0okVbkCgcSWL6KVFmw4RuJbu864GEIr28d7f5tlLKdi8VIoOmQ2YgZSpqZWyCx237f1pBjNeUqt7WFL6_cLgLr-lE=h60
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2d8d37f15bae521594f4ba9e96ab45887091bf18f8e33fa98a32ce8158595584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:05:51 GMT
x-content-type-options
nosniff
age
1058
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 15 Apr 2024 03:05:51 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 02:46:41 GMT
x-content-type-options
nosniff
age
88608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 02:46:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
103053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 22:45:56 GMT
AGSKWxVUbK_9AeT_uw5NZO7MpT62VgNIUW4yjPrW5IhZy6UwceVGpjF9W5Refvpwtjp38f7HRkrpvcr88_REbxDpaTJvxh0raYC2HLYz6KrD0EfTfl3VM_WwixTZYhtEwdYB4v4clVvN6g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVUbK_9AeT_uw5NZO7MpT62VgNIUW4yjPrW5IhZy6UwceVGpjF9W5Refvpwtjp38f7HRkrpvcr88_REbxDpaTJvxh0raYC2HLYz6KrD0EfTfl3VM_WwixTZYhtEwdYB4v4clVvN6g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMwelkfqZL0zPQw3yI4VBWUNtzTeBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mmVpxGvXqvDBmPpsQxCKcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Apr 2024 03:23:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-mmVpxGvXqvDBmPpsQxCKcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1gDgFiIh2PjjLcb2AQWTHyzgBEAxu0MTw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aa.fhmtk.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 462D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 18:30:08 GMT
x-content-type-options
nosniff
age
464001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 18:30:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 462D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
84763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 462D 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame BF2E 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame BF2E 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame BF2E 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame BF2E 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame BF2E 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame BF2E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 02:50:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 03:23:29 GMT
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame BF2E 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 18:47:05 GMT
x-content-type-options
nosniff
server
cafe
age
30984
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sun, 14 Apr 2024 18:47:05 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame BF2E 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 19:48:29 GMT
x-content-type-options
nosniff
server
cafe
age
27300
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 14 Apr 2024 19:48:29 GMT
truncated
/ Frame BF2E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a13c2583371fd6789e0c10a8be35988d2a869a8dd5c7bba2afabdb3c3aeb540c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BF2E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://aa.fhmtk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 04:01:15 GMT
x-content-type-options
nosniff
age
429734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 04:01:15 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame BF2E 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404020207000/ Frame 01F6 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56213
x-xss-protection
0
server
sffe
etag
"7e4dd33cf682b10c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 01F6 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5210
x-xss-protection
0
server
sffe
etag
"44a9302e284ff824"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 01F6 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29000
x-xss-protection
0
server
sffe
etag
"912e9e1747c13481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 01F6 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"8056a1478fce934f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404020207000/v0/ Frame 01F6 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404020207000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 Apr 2024 17:10:44 GMT
age
468765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"fb28af55f7a959b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Apr 2025 17:10:44 GMT
css
fonts.googleapis.com/ Frame 01F6 		14 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 03:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 02:50:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 03:23:29 GMT
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 01F6 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 18:47:05 GMT
x-content-type-options
nosniff
server
cafe
age
30984
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sun, 14 Apr 2024 18:47:05 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 01F6 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 19:48:29 GMT
x-content-type-options
nosniff
server
cafe
age
27300
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 14 Apr 2024 19:48:29 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 01F6 		33 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

date
Tue, 09 Apr 2024 04:01:15 GMT
x-content-type-options
nosniff
age
429734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 04:01:15 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6415048236114373349/ Frame 01F6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6415048236114373349/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a50d8432cb730393f526f4796822acf8059e0ed15e090b3a05d6f9bc9cfe285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 12 Apr 2025 21:33:37 GMT
date
Fri, 12 Apr 2024 21:33:37 GMT
x-content-type-options
nosniff
age
107392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3595
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 09:21:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/4924543055559037091/ Frame 01F6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4924543055559037091/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: aa.fhmtk.com
URL: https://aa.fhmtk.com/?p=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 00:41:49 GMT
date
Thu, 11 Apr 2024 00:41:49 GMT
x-content-type-options
nosniff
age
268900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4885
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 13:32:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 01F6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9837e1a707f7f93e7b95311a2e9471fd917600c63cb3243fc8cc6454915b1996

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
adview
pagead2.googlesyndication.com/pagead/ Frame 01F6 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
7979d49554fc8a5ed50f0b1534727cafa05777db25aaa64dfbb6646b163b6464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12378
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://aa.fhmtk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 03:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 03:23:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://aa.fhmtk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
67052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 08:45:58 GMT
expires
Sun, 13 Apr 2025 08:45:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CAX53MEwbZrX2JrHC7_UPkOyIgALfn7PYdOue_OCJEuqC2_ORDhABIODMrKIBYJWCgICYB6AB2qKD-ynIAQmpAqGDRW9GBrI-4AIAqAMByAMKqgTvAU_QSPf6Nwf3cMeqZ-rZZfT8WcS3mQdOwtQqQvJkuE5sLn79YcLMiR5iSwH9WdET5HwWQVInFzYmYKkUVDFtES4K-nC6wxBPn5MpeDO2OAjCWUGEuf9LuG2ZW19wo1KoliI0hXLtFadsBRKcCwS2_oky_HnDMvRVd0i9YFmPiAdHi5ng2we3DeIMhrAMdLChQt0JcnmWT4Irr8XNl9WLnLAdslR6zr-edHsBnvsvVif4vc8iv7ss1T4gFhbg4yxZYdqUCbk7ue7cKp0Xlj5d4K1A6AMs-xXIt_DRz0Tn5NcDGB9JGuQ06XEuXPqLJfzEwASFu_SzxQTgBAGIBYnrl9VNkgUECAQYAZIFBAgFGASgBi6AB9ra09oEqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQLYBwDyBwQQvLEg0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WMn3w7rgwIUDmgkZaHR0cHM6Ly9xdWVzdHRpcHMuY29tL2RzcoAKA8gLAeINEwjcmsS64MCFAxUx4bsIHRA2AiC4E-QD2BMN0BUBgBcBshcfCh0IABIUcHViLTg1MTEwNDg2Mzg1MjAxMTgY9dCeAbIYCRICsFMYLiIBAA&sigh=2_-EnRfIkGQ&uach_m=%5B%5D&ase=2&nis=5&template_id=484&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C6NIsMEwbZpT8OfXD7_UP1NGjcI3emOlN-6q2x7UB1a6MqMwBEAEg4MysogFglYKAgLQHoAGJxentA8gBAakCoYNFb0YGsj7gAgCoAwHIAwqqBPEBT9C9_Pe2hgzbfaK_th7NnLyIhuoC52kpj76jf41s55rtTp1BdCJ6lszjwMr_hh5DwXeq4HRWcFjqW-OLP-_V67Zaode3_b8COf4HcCrvvE3bbcibuiYxhIxLsmtLZsYiME8Ce-4ETcOPhZr6qFsjD7SzPiZ1uXooleVgu_znwouCMse2cI9_FrXPtvH8wK1C6wMtwcId093FWFtKxqONbsvwUCKyf-J9FFk93vOWPihHuVGvi-qmwHP9Mpjc5V0N7K1yMqIo4VG4hQDff1T9-455eT7LEZZ7U12oFoNtmL_6gW7RBEW4VIJnlZO0IPUqnsAEy7zE-THgBAGIBfuUw36SBQQIBBgBkgUECAUYBIAH37qWEqgH2baxAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrEC2AcB8gcEELyybtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliX_MO64MCFA5oJNmh0dHA6Ly93d3cua29obHN0YWVkdC5kZS90ZWNobm9sb2dpZW4vZnJvbnRmb2xpZW4uaHRtbIAKA8gLAeINEwjGosS64MCFAxX14bsIHdToCA7YEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItODUxMTA0ODYzODUyMDExOBj10J4BshgJEgKYaRgBIgEA&sigh=vPB3F6DG-H4&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CspdwMUwbZvfpE9_E9u8PktiYwAvw9dWKdqGHlrzOEvrs0p-RDhABIODMrKIBYJWCgIC0B6ABysiD-ynIAQGpAqGDRW9GBrI-4AIAqAMByAMKqgTzAU_QJg2sjK4c3CGh59l3gsG77EIQwjg5csb1uUucGJm2iicGl-XachyoVJr1msUhOa-wD0UbCwAxfERmgGtpjvKIFyu670boVwnErgGDZZ14QTelLUAXjnhvo77Bj4y0P1poPSxX0jzvy3mbmziQx1P3LI4B1bFqSTJ_V2GCLItpcgyUP-DoHTuLzedKx96Y-GUoeMPfXitGIBBL3jbx2uzWUZEnQvbECh1zON2zgbBDcpp6dcND5aE2d7N4EN4k4Kdl6mS3UetpfD67xIV4vgvj_a9Ewyz4cpNlNw-abqLs31ZI2D3W4Jh4HXaeAhdVme1Lg8AEy5D7veYE4AQBiAWX_LKzTpIFBAgEGAGSBQQIBRgEgAfKgNTaBKgH2baxAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrEC2AcB8gcEEPeoUtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOli3qMW64MCFA5oJG2h0dHBzOi8vdGVtcG9zZWFyY2guY29tL2RzcoAKA8gLAeINEwjA4sW64MCFAxVfov0HHRIsBrjYEw3QFQGAFwGyFx8KHQgAEhRwdWItODUxMTA0ODYzODUyMDExOBj10J4BshgFGAEiAQA&sigh=KB8HG0CTex4&uach_m=%5B%5D&ase=2&nis=5&template_id=5007&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404110101&jk=3147661605416908&bg=!7u2l7aLNAAbi8lI9wvI7ADQBe5WfOKQoxGyoh3DooBuScI19SuQAM3u0U-vR5g6pf_itlaSW2rD-7z7C1Z7Ls6UXH11oAgAAACZSAAAAAWgBB34ANVsDF97ZIYB3gaDiImkhHdafrFDM97MRn8aIN29QG6cAN7aVtCOuIh39OZfLm8EBOFjOO82pmQKR4FW_6gh4DLztYSP4NpVCQU958elJkvCddGOxALUs8vySozuFCyDQdmE3iNnhtuJxOHirNUVUvMIpAQ43V4gNM7GVPhawtk73aPnLrQDvKZt3GnGWv1yUfYV1YEbnr9kcbA7QC4BcQjhQeZ0rOsaioA3uYBE0jTf_LX4h372bsOyw_CZVFhFLfMW2PnPloINEPGuSCkxvPhrZ3HOOrIwwsg0BL7uTZ7_LURNqsk00suTUi1pbqMnb7czxBXIZDzTvarb_Xm781bFg8HDOA9dSobYx5h0npFznARmafSn1o_rVxe5KwPdzEufomJhKOraUfVbwaW82BlDZHTSF9Du5IdWJ5cv0esycUdzTbFpQKr6iYbnp2hHOg72mwyY8W_0_Cv_iBqb3vfib84tMu4Jpmp7tvVtdr55GPrJhbo-6m413sws45DMxA7B1heHilSEcUwa9v8qVb2YjOsNsPSmL295hLJGi7f-08DDEj4ticpj-InZW7yHmM2my1nuuBnEizdA7tvE8ANAUT7heBSWvrYqnzT4Y9pW1WmaqATJxJbmxN_ien_5fMdkI0IbAPxfef8EKczCkUAIkXCDXeZp5pIwPqgWiICzrTD1u34aBiBC_wHDlMf04ra8gyrTaDN1nUKu1F6IUsGj1gd7cdaTUzt9jnQCK2FDXYxgLGoF7Hfir6Wy7Z71Sk7-AmO3dqJJIhn2kXNumf2IuI-IKAw0Hesx6EA2AINsE7KdQPL0tJwQXNhzg8dt66aLlVywDj7qBLpWy6a9oswJvM-sK41pK4DdwNjEsZTWYAzQHOB94by8LGEKB6vAMB9HdfjI3c5RB_mn78mwhj3nH4Volb7c71FRQiqOfm6T2bB10sVggRJhC

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| gtag object| dataLayer object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map object| gaGlobal object| google_tag_manager function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run function| WOW function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| addComment object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTIzMjI3NWQwNThjMjM4Y2xvYWRlcl9qcw== string| OTIzMjI3NWQwNThjMjM4Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

4 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o3e3nq-d782f68c28dc6ae748-00M
.fhmtk.com/ Name: _ga_ZHSVJRPB5R
Value: GS1.1.1713065008.1.0.1713065008.0.0.0
.fhmtk.com/ Name: _ga
Value: GA1.1.1156439534.1713065009
.fhmtk.com/ Name: __eoi
Value: ID=07a6196c85c01d82:T=1713065008:RT=1713065008:S=AA-AfjZRsCMCcoa271wLhG2L6Sw3

1 Console Messages

Source Level URL
Text
other verbose URL: https://aa.fhmtk.com/?p=8
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.fhmtk.com
bit.ly
cdn.ampproject.org
fd832550f37e7700e4aa0df803ca08a6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.google-analytics.com
secure.gravatar.com
securepubads.g.doubleclick.net
striveme.com
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.129
142.250.185.98
172.217.16.206
2001:4860:4802:34::36
2606:4700:20::681a:11b
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a04:fa87:fffe::c000:4902
66.29.132.46
67.199.248.11
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
014d1396c9dcab6c33acbe7d8def9909c59352474aeede15759cfc04146196a7
0a6df6061433cb941cfb2ddcfb11c78f11c17a68b39e668b30dd0500a60b5084
24337769996c75a0c478e2d79ae77f9ddfe426599c4664c913d59a61035dc419
24cd49deda453a2cef4d9f8d36e606af1040c874d651714ef5f24de9d848b772
2a3b17dc58fc3d46410ae253e31e3d4bd4af253ec4c63564a0ee1505d1d515e6
2d8d37f15bae521594f4ba9e96ab45887091bf18f8e33fa98a32ce8158595584
31240eadfb8c6d44558ed86dea062f6461f34e64e7b86037aaf159c59f024989
316148a2ba4e5ed0c0d45c7082fe48fc4e529661c0ffa7e971ce2b53948528d9
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e34a19e0b985c840177b483cc1fad9b02a2ede18773f92acf35c73cfe6eed4e
4c2e92c45a2c2768dc59e9e9d62582bcf44d2326a2b16072d9619a60af6a398a
4de08ad9a8340a27a3018b83ec2dabe45abec49649756fb6469d6f3fc6ee155f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c5fc28ce44a85aa9bd50293ca885694f7b5ec92ef58fde6484ef53054b228e
5932f16f1332a5e98a6dd96deb6d91583e3491ce4fecb3e04ac38d6ae402fb4a
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5e23805894e3e275d230f093240718dd821c97b01d4ab589e13ed8579dbb4149
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
661cb5076d6de29698ac1662325adc0ee01a27110c25e1e4429184e0f251f676
6a50d8432cb730393f526f4796822acf8059e0ed15e090b3a05d6f9bc9cfe285
6ec74cda4695e7c84c2465852f6e5af0120e0f2894e59e344036ee075c5183d4
7979d49554fc8a5ed50f0b1534727cafa05777db25aaa64dfbb6646b163b6464
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8762c3da365e2c392b99d8ca2ee3bab9157dd95df7abb86d0f9a3681b22a48c8
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9837e1a707f7f93e7b95311a2e9471fd917600c63cb3243fc8cc6454915b1996
9a4e781b76acf550e23ccd72a4b24b1bb8e3e6a65b4dfedcd7a63efac971d46a
a13c2583371fd6789e0c10a8be35988d2a869a8dd5c7bba2afabdb3c3aeb540c
a3fcd3f349d4f722c369f971da1277964acfee47dd680aa4ce8e4b9cfbcc4abc
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
aa6446e57581ec80184234e7d7ba575b8ee72e4999b07967a498736296b9893d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b9122761c316ef0bf7010f8a4005233de4a7963a7fa519cf50955a4e354f3729
ba7bd717805c57c56449adc5a491ab70a498e89d7758fb859fc2e34c9ac4516f
bd73951c092685c7082ee5b818d0acac281defa82dfb12efc983c73882ae5a56
c3597662d7d32f7b62cbcb638b32a4185c0220de68da09089f397e622a45fa6a
c35d1026745d22cc3e8260fb534e24e71bfd519286d24d204acd2015744f2002
c7abda310bc9e6784d9908b4ffe6759119df3208ed87cea0c82e2e5a52f6d354
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce44ccff82fc30d850f4b9ce5d47b1b727f9600d24b0f3bf2b755d7e0795304c
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
daf6aaa186a4d54af9938e17fbf8bb7b9fe3f3345f93d6cf0c3360cab8c9ae0f
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c4ff4f80cf80430f1e16d5cec003df557364e201b472f29522181503c46f02
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f0f3825ab5a948a650d9276b8c3ed43db6f36ac1e7d150c134bc2685e537131b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615