t3aonline.net Open in urlscan Pro
185.17.144.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t3aonline.net/
Effective URL:
https://t3aonline.net/
Submission: On November 26 via api (November 26th 2023, 4:35:44 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 87 HTTP transactions. The main IP is 185.17.144.132, located in Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is t3aonline.net.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time t3aonline.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	185.17.144.132 185.17.144.132	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
13	2a00:c98:2050... 2a00:c98:2050:a054:4::	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
87	16

38 185.17.144.132 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: ripper.icetex-hosting.net

t3aonline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info.server.cnc-online.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:c98:2050:a054:4:: (Dortmund, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

ads.revora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bar.revora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	t3aonline.net 1 redirects t3aonline.net	1 MB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	271 KB
13	revora.net ads.revora.net bar.revora.net	28 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	47 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
1	cnc-online.net info.server.cnc-online.net	1 KB
87	13

	Domain	Requested by
37	t3aonline.net	1 redirects t3aonline.net
12	bar.revora.net	t3aonline.net bar.revora.net
9	pagead2.googlesyndication.com	ads.revora.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	t3aonline.net www.google-analytics.com
2	www.paypalobjects.com	t3aonline.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	info.server.cnc-online.net	t3aonline.net
1	ads.revora.net	t3aonline.net
87	17

This site contains links to these domains. Also see Links.

Domain
www.revora.net
www.facebook.com
discord.gg
revora.net
www.the3rdage.net
www.gamereplays.org
server.cnc-online.net
forums.revora.net

Subject Issuer	Validity	Valid
t3aonline.net R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
ads.revora.net cPanel, Inc. Certification Authority	`2020-12-31` - `2021-03-31`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
bar.revora.net R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
server.cnc-online.net R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://t3aonline.net/
Frame ID: DD323EC08F13575B2E9021115933458B
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 29DE9C0544FFDA616C0A0591B4548F57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=1101144753&adf=2449995658&pi=t.ma~as.8497838249&w=120&lmt=1701016538&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538613&bpp=162&bdt=285&idt=347&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6112418084331&frm=20&pv=2&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1468&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363
Frame ID: 6204171DB340C6B83E234A436111D206
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1701016538&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538791&bpp=2&bdt=462&idt=194&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8497838249&nras=1&correlator=6112418084331&frm=20&pv=1&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202
Frame ID: A9965637E4C8F00ED89C379727444940
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F6FC8610B19701E6CF07944CF2392770
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 00A3BEC9D70F947F3142CF1E54EB2B76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 021F5C22F99C5D2D23F8467414CD7B7E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9CF10906590FCE21A637C7F500AE716
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T3A:Online - The Return of BFME Multiplayer

Page URL History Show full URLs

http://t3aonline.net/ HTTP 301
https://t3aonline.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

1675 kB
Transfer

2643 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.revora.net/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BFMEOnline/
Title: Find us on

Search URL Search Domain Scan URL

URL: https://discord.gg/QezNqAs
Title: Join

Search URL Search Domain Scan URL

URL: https://discord.gg/y2aWKvG
Title: Discord server

Search URL Search Domain Scan URL

URL: http://revora.net/

Search URL Search Domain Scan URL

URL: http://www.the3rdage.net/

Search URL Search Domain Scan URL

URL: http://www.gamereplays.org/

Search URL Search Domain Scan URL

URL: http://server.cnc-online.net/downloads/t3aonline/T3AOnline_2.1.3.msi
Title: T3A:Online launcher

Search URL Search Domain Scan URL

URL: http://forums.revora.net/forum/2671-t3aonline-support-talk/
Title: T3A:Online support forums

Search URL Search Domain Scan URL

URL: http://forums.revora.net/topic/87750-t3aonline-installation-support/
Title: read this installation topic

Search URL Search Domain Scan URL

URL: http://forums.revora.net/topic/87772-fixing-connection-issues-port-forwarding-guide/
Title: read this connection topic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t3aonline.net/ HTTP 301
https://t3aonline.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=C2jXw23NjZbWiCZ6Aid4PqNiXwAWgyPmgdJjGhNX2EevOsNXVQRABINrz6xBgldL2gZQHoAGOyLDQA8gBAakCB8Q0K5Nasj6oAwHIA8sEqgTEAU_QVPIJAGZRSOolwzhz3HoxfCthJ1x_Dmg2HVgBQwg4Zmta3yg7kKbTrRcbU6OWQVgXPZ6X_S9REc9enRnUOC-C5EyR6R-Dl_sQj5HbRF2cwyrYSsc9Y5L3js11TeEuWEmWBAnQobpOwX9jbdGTMT0SBvfB_pNyegeo0Yzzy0tOB9v5GRdRJAN3UZ1dau3Rsp2t_jsZlnJrKzgA3K5Rv9LSlQbtSR5-up298M3vaNX5CPpe2nT3Uz25m0jS4yVJnqisXxPABKbM98jSBIgF2P7DtU2SBQQIBBgBkgUECAUYBIAH4N6UM6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJSaBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCdcBaHR0cHM6Ly93d3cuYXZpcmEuY29tL2RlLWJsYWNrZnJpZGF5MjM_eC1jLWNoYW5uZWw9JngtYS1zb3VyY2U9Z29vZ2xlJnV0bV9zb3VyY2U9Z29vZ2xlJngtYS1tZWRpdW09Y3BjJnV0bV9tZWRpdW09Y3BjJngtYS1uZXR3b3JrPXNlYXJjaCZ1dG1fY2FtcGFpZ249ZGUtZGVfYXZyX21peF9kaXNfcHJvX25hdV9uZnJfYWR3X2R0cF9sb3c6bWtnY19iZmNtJmdjbHNyYz1hdy5kcyaACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItMzg2NzgzOTYwNzM5MDI5NRgA&sigh=jvlqkcFYHoE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNPESSdE-KeM5it7ufDvFGnGAp4xa2yZanDeQQ9n_98yGXpZ-r2nxT5liGnwZKJ5V3HfNXBjHQQwq0RlUkk0Lmn5E0T9ZniHjYltoYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223952675759000448835%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973874190%22],%224%22:[%2211-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215397131385474417137%22}&andc=true

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
t3aonline.net/
Redirect Chain

http://t3aonline.net/
https://t3aonline.net/

13 KB
5 KB

55ms
23ms

Document
text/html

185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://t3aonline.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

ripper.icetex-hosting.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3b23b6c59e5c613104a313d2e10ccb02add0e88201815a398b5f6d14d0332f74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 26 Nov 2023 16:35:38 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Cookie
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Sun, 26 Nov 2023 16:35:38 GMT
Location: https://t3aonline.net/
Server: nginx/1.14.0 (Ubuntu)

GET
H/1.1 200
OK normalize.css
t3aonline.net/static/main/css/ 8 KB
8 KB 15ms
12ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/normalize.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1e1c"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7708

GET
H/1.1 200
OK bootstrap.min.css
t3aonline.net/static/main/css/ 107 KB
107 KB 28ms
13ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/bootstrap.min.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 33cf87333f31ef34afa4cd2e2542059953bfd539d305b14cee9bf50bd6e4e2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1abed"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109549

GET
H/1.1 200
OK jquery.fancybox.css
t3aonline.net/static/main/css/ 5 KB
5 KB 38ms
12ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/jquery.fancybox.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b6c82e597db8a41a9f1f39774d48c21446f13d0abebebe752c6b40b9e25e115c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-13af"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5039

GET
H/1.1 200
OK style.css
t3aonline.net/static/main/css/ 15 KB
15 KB 50ms
25ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/style.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe0f677319b466d9ab2663327d932e54ce5766431a153902f69b0bb37e36654c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-3a71"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14961

GET
H/1.1 200
OK bfme1.css
t3aonline.net/static/main/css/ 3 KB
4 KB 39ms
13ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/bfme1.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f44ebddbc891891da98c1fe22881ebb93b699d5b99f2c3ba0a56e9a8c523aa03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-d4e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3406

GET
H/1.1 200
OK serverinfo.css
t3aonline.net/static/main/css/ 2 KB
2 KB 39ms
13ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/serverinfo.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 78043fee064dc84954f0d07fe74e6db27d212a351cbb3ef7f1aa007b962d9131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-81b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2075

GET
H2 200 adscript.js Show response
ads.revora.net/static/ 7 KB
3 KB 177ms
21ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revora.net/static/adscript.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 72741acd66724a989274233e8d64bb667389ec0bff47750ecf9099ae5d0c784e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2016 17:54:41 GMT
server: Apache/2
etag: "1a45-532bcf8163a40-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2424

GET
H/1.1 200
OK logo_t3aonline.png
t3aonline.net/static/main/images/site/ 32 KB
32 KB 39ms
27ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/logo_t3aonline.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 93aa4b714e82fbd1f23513444beff66497114f31333eda57092b18a4032624fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-7e04"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32260

GET
H/1.1 200
OK fb_logo.png
t3aonline.net/static/main/images/site/ 1 KB
1 KB 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/fb_logo.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 494efdd49838663812cd4aa12f6dcf844d8635b979eed56147a21b0fc5469b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-4c5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1221

GET
H/1.1 200
OK discord_logo.png
t3aonline.net/static/main/images/site/ 1 KB
1 KB 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/discord_logo.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 59115834e1562bff544865d75ab7af3e2d26eb0733f8058f839e1d7099302008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-469"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1129

GET
H/1.1 200
OK paypal_logo2.png
t3aonline.net/static/main/images/site/ 2 KB
3 KB 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/paypal_logo2.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 83ccfff4490319b094df6902a815cdb15c41abbfdcaef2683ac1b0d85d7815ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-936"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2358

GET
H/1.1 200
OK frame_tc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 4 KB
5 KB 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2471cf34ff0fcf1018f427e15b20f624dc61c37a98cfebb429f5918f3d0970c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1193"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4499

GET
H/1.1 200
OK frame_lc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 5 KB
5 KB 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_lc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef64649cc13231b80be0fc92ce6d7dd8c9a474cb8c941796549800cd79520a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-12e1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4833

GET
H/1.1 200
OK revora_small.png
t3aonline.net/static/main/images/site/ 11 KB
11 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/revora_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 15196e5bdae365fbd92fc062324e33a913f9cfdc2e68a8808e1699fa8fea809a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-2bbc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11196

GET
H/1.1 200
OK t3a_small.png
t3aonline.net/static/main/images/site/ 15 KB
15 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/t3a_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f8f6ea5dbb38c064389db4b0ff61017d22173d2dfcac263a51201ab4e1a568c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-3c29"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15401

GET
H/1.1 200
OK gr_small.png
t3aonline.net/static/main/images/site/ 9 KB
10 KB 16ms
16ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/gr_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e21f2c58801101e489ab92416f5ae4a142411b7e9b657b07182aba1cef543f46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-255b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9563

GET
H/1.1 200
OK bfme2_rotwk.png
t3aonline.net/static/main/images/site/ 161 KB
161 KB 17ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme2_rotwk.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7d1aa9090770bfe95f96bd03128e1cd659a17f3ceb0155c18e77f2084f58af39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-2828c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164492

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/btn/ 1 KB
2 KB 46ms
8ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/btn/btn_donate_SM.gif

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C82) /

Resource Hash

b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 773f60b20da10
dc: ccg11-origin-www-1.paypal.com
content-length: 1447
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/4C82)
traceparent: 00-0000000000000000000773f60b20da10-b9fcfc76466c331b-01
etag: "5d5637bd-5a7"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sun, 26 Nov 2023 17:35:38 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/scr/ 43 B
183 B 47ms
10ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/scr/pixel.gif

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D0A) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 2be0e3f6081c5
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4D0A)
traceparent: 00-00000000000000000002be0e3f6081c5-00fb637fc6d9f553-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sun, 26 Nov 2023 17:35:38 GMT

GET
H/1.1 200
OK frame_rc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 5 KB
5 KB 17ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_rc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec1c81d004f3a59fb1360e1a3d31ee5ec8343149f953a4a9ef29a0f754128522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1255"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4693

GET
H/1.1 200
OK frame_bc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 4 KB
5 KB 16ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_bc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 732f27153a5a21e285b6a5a5037fa7a72e5a4758b37d681965bdf66420a38a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1118"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4376

GET
H/1.1 200
OK jquery.min.js Show response
t3aonline.net/static/main/js/ 94 KB
94 KB 14ms
13ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/jquery.min.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 48c3710b29907479d3e9313e2ab9bf5d0f62a1cd378f2376ad9fd20b911ecf2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1762b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95787

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
t3aonline.net/static/main/js/ 23 KB
23 KB 27ms
27ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/jquery.fancybox.pack.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-5a5f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23135

GET
H/1.1 200
OK serverinfo.js Show response
t3aonline.net/static/main/js/ 8 KB
8 KB 15ms
13ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/serverinfo.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 179de6e08aeff5057b1f82239a8cc1dee448092294f988891702703bb74e1185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1f8c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8076

GET
H2 200 bar.js Show response
bar.revora.net/ 2 KB
832 B 97ms
22ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: fc23d6412c7b248fab040a2b6639ff2e8b7fc8fe04ae8dc2595c48bdd0c29910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2016 23:45:12 GMT
server: Apache/2
etag: "674-532adbfca7200-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 675

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
10 KB 94ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.revora.net
URL: https://ads.revora.net/static/adscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c36d8e8de19af1c550c7ee91467a1fd2a78e0e403e8586cf3209761e969bff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10184
x-xss-protection: 0
server: cafe
etag: 17214728890716361761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:35:38 GMT

GET
H/1.1 200
OK head_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 524 KB
524 KB 27ms
26ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/head_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4851979181f534b0e131fda476bc76238f94e271670bbbba7995a48e10d0bc60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-83085"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 536709

GET
H/1.1 200
OK userbar_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 6 KB
6 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/userbar_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 884bf116007f250562b57f28d782d80b6130ed7343942aced03a08dd049b15bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1866"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6246

GET
H/1.1 200
OK bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 8 KB
8 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa9bf85920aefa3e221aef0d61a71a95b213faf0874ede1f393152f42e7ac7cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-202e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8238

GET
H/1.1 200
OK frame_tl.png
t3aonline.net/static/main/images/site/bfme1/bg/ 308 B
555 B 21ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tl.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66a0577fea988532c0eb95fc61c41ac6eac979e6c9771493fab516f71ab13c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-134"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 308

GET
H/1.1 200
OK frame_t.png
t3aonline.net/static/main/images/site/bfme1/bg/ 299 B
546 B 21ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_t.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1b8c66888665edcd9465ce192cf5ba528880a75047fa57950b7843666d0c0e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-12b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299

GET
H/1.1 200
OK frame_tr.png
t3aonline.net/static/main/images/site/bfme1/bg/ 320 B
567 B 21ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tr.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b42b3088b5dcdfef483335a041a4f4a0913443e6fc7dac1716db9655e88d98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-140"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

081a6425f4b3594e4e73886a681477edadf84f4c281854fb7247ed3e5d9a6b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52736
x-xss-protection: 0
server: cafe
etag: 15231884842261699904
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:35:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 15:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 26 Nov 2023 17:49:38 GMT

GET
H/1.1 200
OK frame_l.png
t3aonline.net/static/main/images/site/bfme1/bg/ 192 B
438 B 13ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_l.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09690aff18722b3ef68e3d67f9d610ff8329373bf467cbb84c08ac20faef3fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192

GET
H/1.1 200
OK frame_r.png
t3aonline.net/static/main/images/site/bfme1/bg/ 312 B
559 B 15ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_r.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cb76b11fbb1f20e04f99fa5ae8555ffd00d9fec465b72b21edea43e1ccb606fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-138"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312

GET
H/1.1 200
OK frame_bl.png
t3aonline.net/static/main/images/site/bfme1/bg/ 317 B
564 B 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_bl.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 81dbf3790cf70a135b5d84161bebb8b2d6fb4083e587e91886a4b7b8eb31b76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-13d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 317

GET
H/1.1 200
OK frame_b.png
t3aonline.net/static/main/images/site/bfme1/bg/ 3 KB
3 KB 15ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_b.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a589cc012760bf4a51613e143d3f3118f467f870f2e4014996c0c9b01419085

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-b75"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2933

GET
H/1.1 200
OK frame_br.png
t3aonline.net/static/main/images/site/bfme1/bg/ 238 B
484 B 14ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_br.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef401723a5f987ab1255b0ed5b567de6c2ccb39ee9e3b6427e9034d1fc87f71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-ee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238

GET
H/1.1 200
OK bottombar_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 6 KB
6 KB 15ms
14ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/bottombar_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0c11a09e52ccd3b839163bd07d94213588b23fb9aac7e09717f0dd160b8398b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1879"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6265

GET
H/1.1 200
OK ringholder.png
t3aonline.net/static/main/images/site/bfme1/bg/ 19 KB
19 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/ringholder.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a908535933dcc28f0828f9efab43b23991931bcc624ed85cf2bd3ea2a98086e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:38 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-4ced"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19693

GET
H2 200 bar_system.js Show response
bar.revora.net/ 11 KB
3 KB 24ms
22ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar_system.js
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c4ef859427cb7724627a9c82fcf5323dd28c36bd9b22b89e5c06ffb3dc8c06e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
etag: "2cb1-4fd3d6305cec0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2600

GET
H2 200 rnb_default.css
bar.revora.net/ 5 KB
2 KB 24ms
23ms Stylesheet
text/css 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/rnb_default.css
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7156badf9e06c20cec6608b802cb82633c3bafaf62ba711c0d1c95245113a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2016 23:56:31 GMT
server: Apache/2
etag: "14a1-532ade84329c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1737

GET
H2 200 bar_content.js Show response
bar.revora.net/ 40 KB
7 KB 43ms
42ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar_content.js
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 23d98d3f1c3a43aee9f4023a42127fedae05b2b67118efc3bc251854809bf8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2016 13:56:06 GMT
server: Apache/2
etag: "9fac-5331e380d8980-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6893

GET
H/1.1 200
OK / Show response
info.server.cnc-online.net/ 4 KB
1 KB 1139ms
15ms Script
text/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://info.server.cnc-online.net/?callback=jQuery11110681940368820906_1701016538624&site=t3aonline&_=1701016538625
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0753c40fb0ebb339a2fd0e591c5f5ebf7ee94df9e5829300dbb1854dedc1e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:39 GMT
Content-Encoding: br
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 905
Content-Type: text/javascript; charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 16ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1048891449&t=pageview&_s=1&dl=https%3A%2F%2Ft3aonline.net%2F&ul=en-us&de=UTF-8&dt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1833843237&gjid=518078618&cid=1813789270.1701016539&tid=UA-6027426-1&_gid=1313720531.1701016539&_r=1&_slc=1&z=1885987603

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

15d15f9259c487ae6f20f81f016fe395902ddd93ea89aac7d201bf17e4700e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t3aonline.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 16:35:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t3aonline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D77F1PK95G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f1b7f57595a9c91b2312c10d832ca177a450ae2faa4d0637d30bc3c23fdb276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Nov 2023 16:35:38 GMT

GET
H2 200 section-revora.png
bar.revora.net/images/sections/ 658 B
706 B 24ms
22ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-revora.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 95b0a3950851bcf7b5d45eb07e2d18a0666077ddda9e1bc1d0766a919cc24fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "292-4fd3d6305cec0"
content-length: 658
content-type: image/png

GET
H2 200 section-cnc.png
bar.revora.net/images/sections/ 1 KB
1 KB 24ms
22ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-cnc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 81f153eeb5f4623e923029983e8c8f0ac0f485d52e5ad9569bdcb53b9a375f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "492-4fd3d6305cec0"
content-length: 1170
content-type: image/png

GET
H2 200 section-bfme.png
bar.revora.net/images/sections/ 1 KB
1 KB 23ms
21ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-bfme.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c506e90b46af2b80e36cc23516ac15fb03f00df24cda5357d434734cfa2bbfa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "4c7-4fd3d6305cec0"
content-length: 1223
content-type: image/png

GET
H2 200 section-petro.png
bar.revora.net/images/sections/ 2 KB
2 KB 24ms
22ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-petro.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 94cd1b15da1857ed1637f3d9ef293650256a57d261d6e642723e6d673dd46886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "791-4fd3d6305cec0"
content-length: 1937
content-type: image/png

GET
H2 200 section-etc.png
bar.revora.net/images/sections/ 1 KB
1 KB 23ms
21ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-etc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1ca7e2aaa6d6eab6748b20605586049a241c0c020ae7e4086d8f41a523f23656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "4ce-4fd3d6305cec0"
content-length: 1230
content-type: image/png

GET
H2 200 section-donate.png
bar.revora.net/images/sections/ 1 KB
1 KB 23ms
22ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-donate.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 2eb67b833a99fb00e94d2a831c5f05d594e2332287f31269a6c12c39f17d0336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "507-4fd3d6305cec0"
content-length: 1287
content-type: image/png

GET
H2 200 barbg.png
bar.revora.net/images/ 3 KB
3 KB 25ms
24ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/barbg.png
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/rnb_default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7eebede294a23e848a816188a5551725984b01ed240617fb7408c3b8eac826d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "b24-4fd3d6305cec0"
content-length: 2852
content-type: image/png

GET
H2 200 bg-notch.png
bar.revora.net/images/ 3 KB
3 KB 25ms
24ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/bg-notch.png
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/rnb_default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: Dortmund, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 79548dceb70e56b6b956cbb4669e6bfc8e8ae7797152635d48eda12fbf2f289a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "b58-4fd3d6305cec0"
content-length: 2904
content-type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=pub-3867839607390295&plah=t3aonline.net&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d59304812bce269337375586b7131b3428521ab0c3ac8689a898b5681b070f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137285
x-xss-protection: 0
server: cafe
etag: 15239658867485800817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:35:38 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 29DE 9 KB
4 KB 38ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 07:40:25 GMT
etag: 16674218716276178799
expires: Sun, 10 Dec 2023 07:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 52ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D77F1PK95G&gtm=45je3b81v9125682015&_p=1701016538701&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1813789270.1701016539&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Ft3aonline.net%2F&dt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&sid=1701016538&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D77F1PK95G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 16:35:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t3aonline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6204 125 KB
42 KB 876ms
875ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=1101144753&adf=2449995658&pi=t.ma~as.8497838249&w=120&lmt=1701016538&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538613&bpp=162&bdt=285&idt=347&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6112418084331&frm=20&pv=2&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1468&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=pub-3867839607390295&plah=t3aonline.net&bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41cdcdf09faf172b6f648aa69c7a088fea05cfa0b3b98e7cd5d87a4cf621faae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42830
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:35:39 GMT
expires: Sun, 26 Nov 2023 16:35:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A996 0
19 B 30ms
30ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1701016538&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538791&bpp=2&bdt=462&idt=194&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8497838249&nras=1&correlator=6112418084331&frm=20&pv=1&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:35:39 GMT
expires: Sun, 26 Nov 2023 16:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK lock_bfme_small.png
t3aonline.net/static/main/images/site/serverinfo/ 4 KB
4 KB 14ms
13ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/serverinfo/lock_bfme_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 92c3a48c405b464d6d5924eb7d62d62663ee8f86c8700a09874daa762af3cbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 16:35:39 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-e1c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3612

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 6204 9 KB
4 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=1101144753&adf=2449995658&pi=t.ma~as.8497838249&w=120&lmt=1701016538&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538613&bpp=162&bdt=285&idt=347&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6112418084331&frm=20&pv=2&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1468&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:27 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 6204 11 KB
5 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 08:31:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6204 14 KB
2 KB 51ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 16:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 16:29:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 16:35:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6204 2 KB
903 B 16ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:09:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6204 23 KB
9 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:09:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6204 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:16:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6204 20 KB
9 KB 54ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6204 202 KB
64 KB 94ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:35:39 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 6204 37 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 07:40:28 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7858866382639373275/ Frame 6204 2 KB
2 KB 14ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7858866382639373275/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce39346c76bb8edb08ae33d7b36ff731d5eb927f496e4ba606ce9800216b0661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:06:05 GMT
x-content-type-options: nosniff
age: 530974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1884
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 06:17:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 13:06:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6FC 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=1101144753&adf=2449995658&pi=t.ma~as.8497838249&w=120&lmt=1701016538&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701016538613&bpp=162&bdt=285&idt=347&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=6112418084331&frm=20&pv=2&ga_vid=1813789270.1701016539&ga_sid=1701016539&ga_hid=1048891449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1468&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=412838863600280&tmod=23420785&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6204 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b1c1c8ebfc59edf67400bd73c6d3ef638900bd3aafe596a6263df993c7a893c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6FC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
17ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:35:40 GMT
expires: Sun, 26 Nov 2023 16:35:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:35:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6204 33 KB
34 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 458782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6204
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2jXw23NjZbWiCZ6Aid4PqNiXwAWgyPmgdJjGhNX2EevOsNXVQRABINrz6xBgldL2gZQHoAGOyLDQA8gBAakCB8Q0K5Nasj6oAwHIA8sEqgTEAU_QVPIJAGZRSOolwzhz3HoxfCthJ1x_Dmg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223952675759000448835%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%222...

0
0

59ms
42ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223952675759000448835%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973874190%22],%224%22:[%2211-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215397131385474417137%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3952675759000448835","debug_reporting":true,"destination":"https://avira.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973874190"],"4":["11-26"],"6":["true"]},"priority":"500","source_event_id":"15397131385474417137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Nov 2023 16:35:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Nov 2023 16:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3952675759000448835","debug_reporting":true,"destination":"https://avira.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973874190"],"4":["11-26"],"6":["true"]},"priority":"500","source_event_id":"15397131385474417137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
58ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdc3219b2be74397dc488208248aa3187643b3914f2369c5c009f939fb2413f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12238
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 00A3 39 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 108ms
41ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 16:35:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 16:35:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 021F 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 10:16:45 GMT
expires: Mon, 25 Nov 2024 10:16:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9CF 829 B
991 B 25ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5419212efcd803525666b1580f960acfd5ca60f0011c478edd6336bede2a3ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dRbGzM6jcZ_al-zQh_FX4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t3aonline.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dRbGzM6jcZ_al-zQh_FX4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:35:40 GMT
expires: Sun, 26 Nov 2023 16:35:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 021F 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 16:18:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9CF 0
0 117ms
117ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=412838863600280&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 021F 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PjWYPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:35:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=412838863600280&bg=!YmGlYS7NAAZxrfrxUa07ADQBe5WfOGd37GfE1C8keTHNnfvtJ0exE3UTji_cFy0M5c8CT4m1KonotMRqDRDd4KoKB_KJAgAAAE1SAAAAA2gBB5kCvtuA4SEVPFgkYNAjj-CVRe_Hjv8JtyPEu-3uUrCTK477MUowq72u-7xLLAow1phGpqoUkMzqonDtYWnbocnUbg-FsYJk9UHZAtk8s_rjTML0gZoB_nnrHScM4MRe4E1qxWasWDJ7SvBjn2b8AOu_0eeRy90KAdapglR_6aCRw2ipHNZcZR0gZ6_K0VlpNEZCYJYuaWjSDaaEXXkjY9x8g8DGTsZfO6MGk14A5CsD1G7ScsQZBoA2InxjoD12eMWFjEbgumklpUzK71HZfNPpZGPoSVJEkxUuEreC3dqm_WtxjUv6qcsVWE2TDPc0uNfCKTfDVBW2jpMpXMV_L7Esn8hz7eYVGX7EDSJWAIpV9eBLIQM5hr_oRy3K0EgUacQu_BgnTsglSMxsRGpEO10-FMc64dhBQ6R24q4PBvhsGaufr2v9u6L2jAEIqrJVP6stC7A03p2fNapDWoublMtpT18NrbachuNtLxVXIilESqEBY6KOFYdSahcwjBJyIemZIHGsrICtKkCmRX_MT-U1V1Xt-xFki3o8ium_duzdDYFP1DYLIHrYWRFIeINtbpkej2nUUhJC3UdSjuia77mEU4we_v2tClyOKCk-yZIIasX9AZehDq22Nuhqj5B_BL6vbHlx8VU5ux3UafehCpR9PV4XOVWny5kRHe_lwSS3FGUfX4aH2vPLOzfsrNcdSuV64rabBQKE3JALHpHDsUcNFSiIUIIdz4E37xodpLfHGEI5JDY1m7uW8cylNTc03QqcABR4b_iqNSswcFeMvonT9Vjak4CGKQM-gtQCzmlK1wr4vF9jdp0Ra1kJ4xcpsVOokUHBLBmhYLXzyihqak_XPD0x43ky8KG-1UJi6RtmThJiTP8QiGgvZSZ-zOwLsQC4GkYAgyTtMFo9Jj9J9GiWw-06yrip1eWwYsMR61ygWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6204 42 B
64 B 127ms
125ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6zo7Xt6H2RNAwegEQymfkbyPHn__hCqu-lp2Xl1JXdRSYvroEI5DkHLO6Ns2jlqeQAv8PU_T3X_0ywyNivLyPivvl1sUpa2sYFEddptVdWSQJZY_cqQlyL32WHzH7cC6dMXJwjuBWtOz5&sai=AMfl-YTLtWCABFZaTKzqcVztps1n7tmopLgHgpBKVshnLM2EVUiZL0uC2VB7Fj2KZ4vtwCt1OQmDRuZCjKT4H80TRlQ4G-MP9vRAjojK3o9lE_7Noqpx2asGoikuOR69b6Jk-uQN0tYH6jGG0VgA9W-ctw&sig=Cg0ArKJSzIRVF_Jd9AqfEAE&cid=CAQSTwDICaaNPESSdE-KeM5it7ufDvFGnGAp4xa2yZanDeQQ9n_98yGXpZ-r2nxT5liGnwZKJ5V3HfNXBjHQQwq0RlUkk0Lmn5E0T9ZniHjYltoYAQ&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1101144753&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701016538978&rpt=1151&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 16:35:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t3aonline.net/	1970-01-21 02:06:16	Name: _ga Value: GA1.2.1813789270.1701016539
.t3aonline.net/	1970-01-20 16:31:42	Name: _gid Value: GA1.2.1313720531.1701016539
.t3aonline.net/	1970-01-20 16:30:16	Name: _gat Value: 1
.t3aonline.net/	1970-01-21 02:06:16	Name: _ga_D77F1PK95G Value: GS1.2.1701016538.1.0.1701016538.0.0.0
.t3aonline.net/	1970-01-21 01:51:52	Name: __gads Value: ID=f9ba3f4d00ee1f7e:T=1701016539:RT=1701016539:S=ALNI_MbNWmvn8BiW_-jbhOqaiTIxi15uHg
.t3aonline.net/	1970-01-21 01:51:52	Name: __gpi Value: UID=00000ce0e23e3555:T=1701016539:RT=1701016539:S=ALNI_MZS9OfqKpPn2bkn1xm8MWorXPkYKA
.doubleclick.net/	1970-01-20 16:30:20	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:51:52	Name: IDE Value: AHWqTUkzApegtz2FyXdpvCJM57E5xsPSvgykZOsCKm7zXZz2URcGu7AzPgCVVn9I2ts
.googleadservices.com/	1970-01-20 18:39:52	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads.revora.net/static/adscript.js(Line 244) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.revora.net/static/adscript.js(Line 244) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.revora.net
bar.revora.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
info.server.cnc-online.net
pagead2.googlesyndication.com
region1.google-analytics.com
t3aonline.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
142.250.181.226
185.17.144.132
192.229.221.25
2001:4860:4802:32::178
2001:4860:4802:32::36
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2008
2a00:c98:2050:a054:4::
081a6425f4b3594e4e73886a681477edadf84f4c281854fb7247ed3e5d9a6b41
09690aff18722b3ef68e3d67f9d610ff8329373bf467cbb84c08ac20faef3fb8
0c11a09e52ccd3b839163bd07d94213588b23fb9aac7e09717f0dd160b8398b6
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0f1b7f57595a9c91b2312c10d832ca177a450ae2faa4d0637d30bc3c23fdb276
15196e5bdae365fbd92fc062324e33a913f9cfdc2e68a8808e1699fa8fea809a
15d15f9259c487ae6f20f81f016fe395902ddd93ea89aac7d201bf17e4700e2b
179de6e08aeff5057b1f82239a8cc1dee448092294f988891702703bb74e1185
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b8c66888665edcd9465ce192cf5ba528880a75047fa57950b7843666d0c0e03
1ca7e2aaa6d6eab6748b20605586049a241c0c020ae7e4086d8f41a523f23656
23d98d3f1c3a43aee9f4023a42127fedae05b2b67118efc3bc251854809bf8c5
2471cf34ff0fcf1018f427e15b20f624dc61c37a98cfebb429f5918f3d0970c5
2a589cc012760bf4a51613e143d3f3118f467f870f2e4014996c0c9b01419085
2b42b3088b5dcdfef483335a041a4f4a0913443e6fc7dac1716db9655e88d98b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb67b833a99fb00e94d2a831c5f05d594e2332287f31269a6c12c39f17d0336
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33cf87333f31ef34afa4cd2e2542059953bfd539d305b14cee9bf50bd6e4e2b6
35d59304812bce269337375586b7131b3428521ab0c3ac8689a898b5681b070f
3b23b6c59e5c613104a313d2e10ccb02add0e88201815a398b5f6d14d0332f74
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41cdcdf09faf172b6f648aa69c7a088fea05cfa0b3b98e7cd5d87a4cf621faae
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4851979181f534b0e131fda476bc76238f94e271670bbbba7995a48e10d0bc60
48c3710b29907479d3e9313e2ab9bf5d0f62a1cd378f2376ad9fd20b911ecf2b
494efdd49838663812cd4aa12f6dcf844d8635b979eed56147a21b0fc5469b99
4b1c1c8ebfc59edf67400bd73c6d3ef638900bd3aafe596a6263df993c7a893c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59115834e1562bff544865d75ab7af3e2d26eb0733f8058f839e1d7099302008
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a0577fea988532c0eb95fc61c41ac6eac979e6c9771493fab516f71ab13c11
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
72741acd66724a989274233e8d64bb667389ec0bff47750ecf9099ae5d0c784e
732f27153a5a21e285b6a5a5037fa7a72e5a4758b37d681965bdf66420a38a14
78043fee064dc84954f0d07fe74e6db27d212a351cbb3ef7f1aa007b962d9131
79548dceb70e56b6b956cbb4669e6bfc8e8ae7797152635d48eda12fbf2f289a
7d1aa9090770bfe95f96bd03128e1cd659a17f3ceb0155c18e77f2084f58af39
81dbf3790cf70a135b5d84161bebb8b2d6fb4083e587e91886a4b7b8eb31b76f
81f153eeb5f4623e923029983e8c8f0ac0f485d52e5ad9569bdcb53b9a375f54
83ccfff4490319b094df6902a815cdb15c41abbfdcaef2683ac1b0d85d7815ac
884bf116007f250562b57f28d782d80b6130ed7343942aced03a08dd049b15bd
8c36d8e8de19af1c550c7ee91467a1fd2a78e0e403e8586cf3209761e969bff7
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92c3a48c405b464d6d5924eb7d62d62663ee8f86c8700a09874daa762af3cbf5
93aa4b714e82fbd1f23513444beff66497114f31333eda57092b18a4032624fa
94cd1b15da1857ed1637f3d9ef293650256a57d261d6e642723e6d673dd46886
95b0a3950851bcf7b5d45eb07e2d18a0666077ddda9e1bc1d0766a919cc24fc1
a0753c40fb0ebb339a2fd0e591c5f5ebf7ee94df9e5829300dbb1854dedc1e99
a7156badf9e06c20cec6608b802cb82633c3bafaf62ba711c0d1c95245113a73
a7eebede294a23e848a816188a5551725984b01ed240617fb7408c3b8eac826d
a908535933dcc28f0828f9efab43b23991931bcc624ed85cf2bd3ea2a98086e7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b
b6c82e597db8a41a9f1f39774d48c21446f13d0abebebe752c6b40b9e25e115c
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c4ef859427cb7724627a9c82fcf5323dd28c36bd9b22b89e5c06ffb3dc8c06e0
c506e90b46af2b80e36cc23516ac15fb03f00df24cda5357d434734cfa2bbfa0
cb76b11fbb1f20e04f99fa5ae8555ffd00d9fec465b72b21edea43e1ccb606fd
cdc3219b2be74397dc488208248aa3187643b3914f2369c5c009f939fb2413f0
ce39346c76bb8edb08ae33d7b36ff731d5eb927f496e4ba606ce9800216b0661
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e21f2c58801101e489ab92416f5ae4a142411b7e9b657b07182aba1cef543f46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ec1c81d004f3a59fb1360e1a3d31ee5ec8343149f953a4a9ef29a0f754128522
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef401723a5f987ab1255b0ed5b567de6c2ccb39ee9e3b6427e9034d1fc87f71c
ef64649cc13231b80be0fc92ce6d7dd8c9a474cb8c941796549800cd79520a97
f44ebddbc891891da98c1fe22881ebb93b699d5b99f2c3ba0a56e9a8c523aa03
f5419212efcd803525666b1580f960acfd5ca60f0011c478edd6336bede2a3ea
f8f6ea5dbb38c064389db4b0ff61017d22173d2dfcac263a51201ab4e1a568c7
fa9bf85920aefa3e221aef0d61a71a95b213faf0874ede1f393152f42e7ac7cd
fc23d6412c7b248fab040a2b6639ff2e8b7fc8fe04ae8dc2595c48bdd0c29910
fe0f677319b466d9ab2663327d932e54ce5766431a153902f69b0bb37e36654c

t3aonline.net Open in urlscan Pro 185.17.144.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

98 %HTTPS

80 %IPv6

13 Domains

17 Subdomains

16 IPs

2 Countries

1675 kBTransfer

2643 kBSize

9 Cookies

11 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t3aonline.net Open in urlscan Pro
185.17.144.132 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

1675 kB
Transfer

2643 kB
Size

9
Cookies

87 HTTP transactions
1 data transactions