www.spytox.com Open in urlscan Pro
143.110.192.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.spytox.com/
Submission Tags: falconsandbox
Submission: On February 15 via api (February 15th 2023, 11:51:45 am UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 40 IPs in 11 countries across 43 domains to perform 149 HTTP transactions. The main IP is 143.110.192.167, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.spytox.com.
TLS certificate: Issued by R3 on December 19th 2022. Valid for: 3 months.

This is the only time www.spytox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	143.110.192.167 143.110.192.167	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
6	23.62.220.135 23.62.220.135	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 5	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
18	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.156.94.30 18.156.94.30	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:6231:b27f:a0d:3cfb	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	3.65.104.22 3.65.104.22	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	18.130.177.194 18.130.177.194	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.65.39.105 18.65.39.105	16509 (AMAZON-02) (AMAZON-02)
1	65.9.86.68 65.9.86.68	16509 (AMAZON-02) (AMAZON-02)
2	18.169.219.247 18.169.219.247	16509 (AMAZON-02) (AMAZON-02)
149	40

1 143.110.192.167 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.spytox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

spytox-3744.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.62.220.135 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-135.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.94.30 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-94-30.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:6231:b27f:a0d:3cfb (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.104.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-104-22.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.164 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.130.177.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-105.ams1.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-68.ams1.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.219.247 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	355 KB
29	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	104 KB
12	kxcdn.com spytox-3744.kxcdn.com	218 KB
11	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 108 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	23 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	249 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 35511 hal900011.redintelligence.net — Cisco Umbrella Rank: 289094	41 KB
8	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460 tags.mathtag.com — Cisco Umbrella Rank: 3974 pixel.mathtag.com — Cisco Umbrella Rank: 972	6 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1618 m.addthis.com — Cisco Umbrella Rank: 1585 api-public.addthis.com — Cisco Umbrella Rank: 4569	217 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18339 api.webgains.io — Cisco Umbrella Rank: 49968	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 47069 medialead.de — Cisco Umbrella Rank: 46770	1 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 337	1 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	144 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 591	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 113367	6 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2745	207 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2330	787 B
2	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 7169	417 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	90 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46505	437 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788	45 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 595	191 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 103929	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 38654	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 168148	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 122344	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 47853	628 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1408	350 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 316	464 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 32171	610 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 726	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 643	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	602 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1806	737 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 436	1 KB
1	spytox.com www.spytox.com	9 KB
149	43

	Domain	Requested by
18	cm.g.doubleclick.net	googleads.g.doubleclick.net www.spytox.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.spytox.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	spytox-3744.kxcdn.com	www.spytox.com spytox-3744.kxcdn.com
11	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.google.com	1 redirects www.spytox.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	sync.mathtag.com	1 redirects tags.mathtag.com sync.mathtag.com googleads.g.doubleclick.net
5	www.gstatic.com	www.google.com googleads.g.doubleclick.net
5	fonts.googleapis.com	www.spytox.com googleads.g.doubleclick.net hal900011.redintelligence.net
4	hal900011.redintelligence.net	hal9000.redintelligence.net hal900011.redintelligence.net
4	hal9000.redintelligence.net	www.spytox.com hal900011.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
3	eb2.3lift.com	3 redirects
3	ssum-sec.casalemedia.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	s7.addthis.com	www.spytox.com s7.addthis.com
2	api.webgains.io	analytics.webgains.io
2	ap.lijit.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
2	x.bidswitch.net	2 redirects
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	widgets.pinterest.com	s7.addthis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google.de	www.spytox.com
2	www.google-analytics.com	www.spytox.com www.google-analytics.com
2	www.googletagmanager.com	www.spytox.com adv.office-partner.de
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	www.spytox.com
1	futalis.de	hal900011.redintelligence.net
1	adv.office-partner.de	hal900011.redintelligence.net
1	pb.media01.eu	hal900011.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	api-public.addthis.com	s7.addthis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	apis.google.com	www.spytox.com
1	www.spytox.com
149	56

This site contains links to these domains. Also see Links.

Domain
plagibot.com
www.addthis.com

Subject Issuer	Validity	Valid
spytox.com R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.futalis.de R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.spytox.com/
Frame ID: D584E6BD5A178C22345FD2A433BF7890
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 756A5835EC0998CE29069E33B28023D4
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2C18F4AFB7A568171EB1B228FAE00E8B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2F73E2A0711342C4C5AEB5F35E75CB40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=280&slotname=6477325946&adk=3439474726&adf=2584567126&pi=t.ma~as.6477325946&w=336&lmt=1676461900&format=336x280&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900066&bpp=4&bdt=571&idt=236&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=6988077355692&frm=20&pv=2&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=78HaI0AdzY&p=https%3A//www.spytox.com&dtd=252
Frame ID: 4A8BFA43804DE09E01353838E23F7367
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Frame ID: B83143800314260266AE17FC12653AD2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&adk=1812271804&adf=3025194257&lmt=1676461900&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.spytox.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900115&bpp=3&bdt=620&idt=217&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x250&nras=1&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=229
Frame ID: 90FA2612EA8F884B46B2767CB5CBE2E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: C2D54930F736FF9EC03762870B9CD63F
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7C5B1690E599309A7E24E64084BD796E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AC5A4BAF8E5B4D979EF2D0F480D7E11
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 07CA4125E5327C66B8486EEA003EC2DC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BB34AA79D5121C86AA8FEAD068BFC8F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Frame ID: 1C039ACF2A5C242EAD64B83F853280ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js
Frame ID: D3ADE5F488EDBD22EC5E55910B026C2F
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20615600077414700951393012236011&actionid=981741&produktid=&dt_url=
Frame ID: E8084883E2D2C3A7662D36955CB218CB
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A6B3B7EEF96B00BC79E71F1D0137779B
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291
Frame ID: A92D523CDE80477075F96C4033C371E7
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Frame ID: C0065FCB21468D03E9C7A24777C99D28
Requests: 9 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=01b963ec-c74d-4d00-b23a-a0a6110e254c&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Frame ID: 9C13FA5A78BDE14421C4F3900DFA30BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 863A268805E80CFF3B068AAD054551C8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A49259F6B47BEC7E64D4DEF9ECD0F02F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD1157A096D0CD5C983007456CED506A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPYTOX - Official Site | Find People, Numbers, EmailsFacebookLinkedInTwitterPinterestGoogle BookmarkFacebookLinkedInTwitterPinterestGoogle Bookmark

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

149
Requests

89 %
HTTPS

38 %
IPv6

43
Domains

56
Subdomains

40
IPs

11
Countries

1524 kB
Transfer

4265 kB
Size

39
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://plagibot.com/
Title: Plagiarism Checker

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGZT9wXQIkf2CgX3ze1gHEY&google_cver=1&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZgHpsclTtrnubWAbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZgHpsclTtrnubWAbo

Request Chain 79

https://um.simpli.fi/gp_match?google_gid=CAESEBMnw-LsxFoZgQ25xkBj-LU&google_cver=1&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_4n5QdQTmvJcvzm88 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4674238905744FD9BC1DB27513FC71DA&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_4n5QdQTmvJcvzm88

Request Chain 80

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFiW2QyHdbzFY5oDYky71Fg&google_cver=1&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgmh52cqO0X41Ba2Dy0wLyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgmh52cqO0X41Ba2Dy0wLyY&google_hm=gptpjmupRZ6NkWTGj4IM3mY

Request Chain 81

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfLlYuLzrdOTmzn52vKobg&google_cver=1&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fsn-eujChPQe_DdAOOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0OTAzNzc5MzI0NTMyOA%3D%3D&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fsn-eujChPQe_DdAOOE

Request Chain 82

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJSQQ_Zv2YEEAzOx4zz2Ryk&google_cver=1&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj2XZd5lINjjyqEEbe0wkyp-SfBfvs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1TTRQUzQtMjctQjlJNg==&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj2XZd5lINjjyqEEbe0wkyp-SfBfvs

Request Chain 83

https://match.360yield.com/match/ebda?google_gid=CAESEC8VPaL5KxlNyQ4Y2nuxBq4&google_cver=1&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV7lGHJH2g HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEC8VPaL5KxlNyQ4Y2nuxBq4&google_cver=1&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV7lGHJH2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k2hdA30pQaS6czf5FvW7oA&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV7lGHJH2g

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPP_4b8Ofdfxdfrjdi91OFw&google_cver=1&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpvcYaKn8Vk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpvcYaKn8Vk&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B

Request Chain 87

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYXGm-t-e9A7zSrrVMvmi0&google_cver=1&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7sLWKKbfqZXkArRYL1YErYlg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYXGm-t-e9A7zSrrVMvmi0&google_cver=1&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7sLWKKbfqZXkArRYL1YErYlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzIxNDQ5NTEzODE2MTIxNw&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7sLWKKbfqZXkArRYL1YErYlg

Request Chain 89

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_cver=1&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrXwRdXm8ibZFzeKXnkY5zoGTKamgnioBTE9BSTdht8SOqlUU2S6_kZbBYdmDrQuxpsPY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrXwRdXm8ibZFzeKXnkY5zoGTKamgnioBTE9BSTdht8SOqlUU2S6_kZbBYdmDrQuxpsPY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrXwRdXm8ibZFzeKXnkY5zoGTKamgnioBTE9BSTdht8SOqlUU2S6_kZbBYdmDrQuxpsPY

Request Chain 90

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDyl4vvE4VFd0VZBy5CUe98&google_cver=1&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjulM7-Y HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjulM7-Y&google_gid=CAESEDyl4vvE4VFd0VZBy5CUe98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjulM7-Y

Request Chain 91

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJvZ6A0fbsC95JLPmiFFhKI&google_cver=1&google_push=Aa02lx89ZDCm-xzly30uoSdke8XPvp_ExniCPZ3cnJvtIZxUJdI1lt1w32u2ft6JnhCX9gTs9tld12XZ7Z8OmOERw4hHfs0paiDA9LBy HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJvZ6A0fbsC95JLPmiFFhKI&google_cver=1&google_push=Aa02lx89ZDCm-xzly30uoSdke8XPvp_ExniCPZ3cnJvtIZxUJdI1lt1w32u2ft6JnhCX9gTs9tld12XZ7Z8OmOERw4hHfs0paiDA9LBy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=57b0fa2f-f74b-4c20-9c0e-d71571196735&%%GOOGLE_PUSH_PAIR%%

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20615600077414700951393012236011&actionid=981741&produktid=&dt_url=

Request Chain 112

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=20615600077414700951393012236011&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291

Request Chain 115

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 126

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKxP4W9toTkX6bTwfBJBURo&google_cver=1&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oHsksul3Ss HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oHsksul3Ss&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_cver=1&google_push=Aa02lx8JcDDdookIViIq61EM2mIrxDRK-2ko3FmvhXtNiDquV1Mwbb0qCklTnLWoEHJTnnLxId6Cln5nQHJsefcFlQ6xJ2_C1Mt8kg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx8JcDDdookIViIq61EM2mIrxDRK-2ko3FmvhXtNiDquV1Mwbb0qCklTnLWoEHJTnnLxId6Cln5nQHJsefcFlQ6xJ2_C1Mt8kg

Request Chain 128

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEICd75dT-3WE_QF3RXK2lVc&google_cver=1&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEICd75dT-3WE_QF3RXK2lVc&google_cver=1&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8&google_hm=GKRnqGZHAgVx8nopR9GrP6ie

Request Chain 129

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMflzA7gNSLmMpebAey4xQg&google_cver=1&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094PaS6oCNKsBEwc4MMxOXkzAnw4SbmGAy_gdXYwRIJFvZmM9CwY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094PaS6oCNKsBEwc4MMxOXkzAnw4SbmGAy_gdXYwRIJFvZmM9CwY

149 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.spytox.com/ 45 KB
9 KB 769ms
165ms Document
text/html 143.110.192.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 143.110.192.167 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f18e5f2ed5bd7e830c4057791d021e650ea754a73979f85f9342ab2a5a4be737

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: PUT GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 11:51:39 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
x-fastcgi-cache: HIT

GET
H2 200 style-v1.7.css
spytox-3744.kxcdn.com/assets/css/ 156 KB
31 KB 173ms
30ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/css/style-v1.7.css
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 42d96d4d0dd893a1796f1a39ef3a7ab4f75a6b01061f4679c48005da0e89ed94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:18 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d296-27013"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/css/style-v1.7.css>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 animate.min.css
spytox-3744.kxcdn.com/assets/css/ 55 KB
5 KB 231ms
89ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/css/animate.min.css
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 3d1eedb6972fcfcaab179edfbabff2031d6a5cc14978916203aa52cd68b43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:18 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d296-da24"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/css/animate.min.css>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 chosen.css
spytox-3744.kxcdn.com/assets/css/ 14 KB
3 KB 232ms
90ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/css/chosen.css
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 334145925346753db83adddd8461997a8a29b9f0b9a0f6d82b6541e0f5b3b939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:18 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d296-36c6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/css/chosen.css>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 font-awesome.css
spytox-3744.kxcdn.com/assets/css/font-awesome-4.7.0/css/ 37 KB
8 KB 233ms
91ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/css/font-awesome-4.7.0/css/font-awesome.css
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:18 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d296-9226"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/css/font-awesome-4.7.0/css/font-awesome.css>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
869 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:51:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 59ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-822323648

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adfd11698a0b169af3f0f9da0a96cc64ee0afeb77603fc428f341ac3135f65e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50850
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 11:51:39 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 111ms
58ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 11:51:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d180a2ced31e8f24"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:51:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 206ms
108ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a4079c11aa07b2a4ce80b585e6fbb7cc19febc5bbbb42c66d93b959a52b5320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49461
x-xss-protection: 0
server: cafe
etag: 4415337518437195510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:51:39 GMT

GET
H2 200 jquery-1.10.2.js Show response
spytox-3744.kxcdn.com/assets/js/ 91 KB
32 KB 236ms
94ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/js/jquery-1.10.2.js
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:23 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d29b-16bb3"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/js/jquery-1.10.2.js>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 chosen.jquery.js Show response
spytox-3744.kxcdn.com/assets/js/ 45 KB
9 KB 234ms
93ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/js/chosen.jquery.js
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fc09896e4d37aae0a3c4c645f5d02ccae04188b8687a06064c83222aa3b21d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:23 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d29b-b49f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/js/chosen.jquery.js>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 cleave.min.js Show response
spytox-3744.kxcdn.com/assets/js/ 14 KB
5 KB 233ms
92ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/js/cleave.min.js
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c6e5073776f904be7f2de791b5a290f06c2cd3050d9463d9ea47dccc9a24b4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:23 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d29b-3622"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/js/cleave.min.js>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
895 B 126ms
53ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf7b5ff150f5d4774b07ebc8c3a6d0f8da1d77cb34dc675b41bd5435024d1bc6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 11:51:39 GMT

GET
H2 200 logo.png
spytox-3744.kxcdn.com/assets/images/ 27 KB
27 KB 34ms
32ms Image
image/png 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spytox-3744.kxcdn.com/assets/images/logo.png
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e507cb26a024ab28152f2b7a2dca0ec245b3245ebafd66e236f97cd5c9396173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
last-modified: Thu, 07 May 2020 09:19:19 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "5eb3d297-6c9a"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.spytox.com/assets/images/logo.png>; rel="canonical"
content-length: 27802
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 jquery-ui.min.js Show response
spytox-3744.kxcdn.com/assets/js/ 248 KB
67 KB 31ms
31ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/js/jquery-ui.min.js
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:23 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d29b-3dee4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/js/jquery-ui.min.js>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 jquery-ui-autocomplete.css
spytox-3744.kxcdn.com/assets/css/ 35 KB
9 KB 41ms
41ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/css/jquery-ui-autocomplete.css
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:18 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d296-8c85"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/css/jquery-ui-autocomplete.css>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 161ms
32ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 15 Feb 2023 11:51:39 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116332

GET
H2 200 javascript-v1.0.min.js Show response
spytox-3744.kxcdn.com/assets/js/ 21 KB
6 KB 34ms
31ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://spytox-3744.kxcdn.com/assets/js/javascript-v1.0.min.js
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 918960055a6ad1ffd00476c099f700edfe0f64d7dda70ceb531c7e846a16a4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 09:19:23 GMT
server: keycdn-engine
x-edge-location: atvi
etag: W/"5eb3d29b-54f9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <https://www.spytox.com/assets/js/javascript-v1.0.min.js>; rel="canonical"
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 search.png
spytox-3744.kxcdn.com/assets/images/ 17 KB
17 KB 33ms
33ms Image
image/png 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spytox-3744.kxcdn.com/assets/images/search.png
Requested by: Host: spytox-3744.kxcdn.com
URL: https://spytox-3744.kxcdn.com/assets/css/style-v1.7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7463b3f6fd3500884e8d7086a167d3d3c7fa52456d5d889b285fcaaea124b20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spytox-3744.kxcdn.com/assets/css/style-v1.7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:39 GMT
last-modified: Thu, 07 May 2020 09:19:20 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "5eb3d298-4200"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://www.spytox.com/assets/images/search.png>; rel="canonical"
content-length: 16896
expires: Wed, 22 Feb 2023 11:51:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/822323648/ 2 KB
1 KB 148ms
84ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822323648/?random=1676461899905&cv=11&fst=1676461899905&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&auid=2052454115.1676461900&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822323648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56ab1c25d259ee56ca163d405e1b13858dfd0cebcef93459db746e2503673090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 406 KB
163 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Origin: https://www.spytox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:42:41 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 87ms
22ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=52764
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
15ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 10:54:48 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 12:54:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/822323648/ 2 KB
1 KB 79ms
79ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822323648/?random=1676461900049&cv=11&fst=1676461900049&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&auid=2052454115.1676461900&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822323648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31e6f0e526b7bd6c1fabe94ef0d2629eac9f9ad2bb7d3dee6172809dbedd32d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 366 KB
120 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2123191348225677&plah=www.spytox.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf1496600ff0930080a8a78920315cf15fe2979257e58b55511df809fe637edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123020
x-xss-protection: 0
server: cafe
etag: 2837264253436338319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 756A 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:28 GMT
etag: 10353107486223812946
expires: Wed, 01 Mar 2023 11:06:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a46fda3f0bc44ec/ 2 KB
737 B 207ms
193ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a46fda3f0bc44ec/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c19fa29fb376eb8740d3e19c058d37c79e38249b9c0c0626a3dc8590ea42200b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
etag: -1672374524--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 560

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 360ms
194ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63ecc74ca98150b3&bkl=0&bl=1&pdt=778&sid=63ecc74ca98150b3&pub=ra-5a46fda3f0bc44ec&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.spytox.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1676461900109&jsl=1&uvs=63ecc74c3e935b73000&skipb=1&callback=addthis.cbs.jsonp__96613682653263780
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 89a032d525be8fb5e75f1e0637c4517d541f3cdf6d733bf9ac242a56397792fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2C18 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 2F73 71 KB
26 KB 21ms
21ms Document
text/html 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 15 Feb 2023 11:51:40 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 /
www.google.com/pagead/1p-user-list/822323648/ 42 B
327 B 47ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/822323648/?random=1676461899905&cv=11&fst=1676458800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1080610110&rmt_tld=0&ipr=y

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/822323648/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/822323648/?random=1676461899905&cv=11&fst=1676458800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1080610110&rmt_tld=1&ipr=y

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 31ms
30ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=700332127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spytox.com%2F&ul=en-us&de=UTF-8&dt=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=312577665&gjid=1988084890&cid=1247704918.1676461900&tid=UA-101131647-5&_gid=1419539734.1676461900&_r=1&_slc=1&z=1139539818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.spytox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.spytox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/822323648/ 42 B
108 B 46ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/822323648/?random=1676461900049&cv=11&fst=1676458800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=624023356&rmt_tld=0&ipr=y

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/822323648/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/822323648/?random=1676461900049&cv=11&fst=1676458800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.spytox.com%2F&tiba=SPYTOX%20-%20Official%20Site%20%7C%20Find%20People%2C%20Numbers%2C%20Emails&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=624023356&rmt_tld=1&ipr=y

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 51ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.spytox.com&callback=_gfp_s_&client=ca-pub-2123191348225677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2123191348225677&plah=www.spytox.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54180f1b1da637fbd3321fb28aa7265233df13d69d0061f8951256222b955e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 118ms
42ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.spytox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 38ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.spytox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A8B 86 KB
32 KB 685ms
685ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=280&slotname=6477325946&adk=3439474726&adf=2584567126&pi=t.ma~as.6477325946&w=336&lmt=1676461900&format=336x280&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900066&bpp=4&bdt=571&idt=236&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=6988077355692&frm=20&pv=2&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=78HaI0AdzY&p=https%3A//www.spytox.com&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fc4634fc39d2e542895589c1f572f353384012088e92bf56d6dd38d16a23f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32667
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:40 GMT
expires: Wed, 15 Feb 2023 11:51:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B831 26 KB
12 KB 972ms
971ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d5be2e41cc63ddda3ec3a5e2c0180a705472d29acfe99758f4d2b64b3ee88dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:41 GMT
expires: Wed, 15 Feb 2023 11:51:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.spytox.com%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90FA 157 KB
45 KB 485ms
485ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&adk=1812271804&adf=3025194257&lmt=1676461900&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.spytox.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900115&bpp=3&bdt=620&idt=217&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x250&nras=1&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=229

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb65713ae9c0e69411b79521f038e18a8c1fb08e8a4e0cf8b907ff3e82c2d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46454
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:40 GMT
expires: Wed, 15 Feb 2023 11:51:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 34ms
34ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 15 Feb 2023 11:51:40 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77662

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
255 B 162ms
34ms XHR
application/json 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.spytox.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.spytox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 15 Feb 2023 11:51:40 GMT
surrogate-key: sFbt=https://www.spytox.com/
last-modified: Wed, 15 Feb 2023 11:00:00 GMT
server: nginx/1.15.8
content-type: application/json
access-control-allow-origin: https://www.spytox.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 72 B
296 B 115ms
100ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.spytox.com%2F&callback=window._ate.cbs.rcb_jrwr0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42e1ca55eeb384f871974cdb04b799d6b9e5690c38404de76caf9680ddef6ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 6957554268837983
expires: Wed, 15 Feb 2023 12:06:40 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 69 B
121 B 116ms
100ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.spytox.com%2F&callback=window._ate.cbs.rcb_62qs0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7168160927a63bb5a9776d1cc68f9f62a4c3980b7f13380cbf49c9a13a0fccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 6375996750847919
expires: Wed, 15 Feb 2023 12:06:40 GMT

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 150 KB
51 KB 72ms
72ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7222d79fbe9d7804becdeb125ab263e7e62768270633bfc5ee8c4758e330ff84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52318
x-xss-protection: 0
server: cafe
etag: 16220502332597988829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.spytox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.spytox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame C2D5 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 18:57:47 GMT
etag: 10353107486223812946
expires: Tue, 28 Feb 2023 18:57:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C2D5 4 KB
732 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C2D5 205 B
229 B 27ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:44:11 GMT
x-content-type-options: nosniff
age: 7650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Feb 2024 09:44:11 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C2D5 604 B
628 B 25ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:36:25 GMT
x-content-type-options: nosniff
age: 916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Feb 2024 11:36:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame C2D5 19 KB
8 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 23:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 4522959314154213365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 23:08:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A8B 4 KB
621 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=280&slotname=6477325946&adk=3439474726&adf=2584567126&pi=t.ma~as.6477325946&w=336&lmt=1676461900&format=336x280&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900066&bpp=4&bdt=571&idt=236&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=6988077355692&frm=20&pv=2&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=78HaI0AdzY&p=https%3A//www.spytox.com&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 10:50:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4A8B 2 KB
846 B 19ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 01:40:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A8B 0
0 61ms
61ms Fetch
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoZw1TMfsY8XEFouTywXrrY3YBcimpsZi_-upzJUQn8aDvOMPEAEgj6aASWCV4pCCoAegAe3qkM4DyAEJqQL2ZeAFSwSyPqgDAcgDywSqBLoBT9BniQH60T-FGk-0UX-gHkLlRRzS3E8aAWVYVCgqy45h2lq0bTTAuRDJWnbEuetVJuH6acT6bA4ZLgHJ3MsbE2spiJn8pnx_P0wsE3xQDxTyw2RQnKkxLuNowG60TIlM1Msny0FzHJWJgNxp5eVThEtUrQaOLDc-UONOJX6W6F3hozGoWqBwyvPTu1NGX8Md-OW6Dn9eMAtVCOz3BCQUL3O4TcwDjeLEQKCdHGHJkEygIMmvzMGnDPWswATQ_NDRoQSSBQQIBBgBkgUECAUYBKAGLoAH-5TvMagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOa-AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTIxMjMxOTEzNDgyMjU2NzcYAA&sigh=1ukJ6jYyUZ8&uach_m=[UACH]&cid=CAQSKQDUE5ymGSqc7I76rK1J4Bso_WXxUSuQvyz1DPiq4cxFJdaDPO2VVCTwGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=280&slotname=6477325946&adk=3439474726&adf=2584567126&pi=t.ma~as.6477325946&w=336&lmt=1676461900&format=336x280&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900066&bpp=4&bdt=571&idt=236&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=6988077355692&frm=20&pv=2&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=78HaI0AdzY&p=https%3A//www.spytox.com&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Feb 2023 11:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 4A8B 22 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:37:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4A8B 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:37:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4A8B 20 KB
8 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 01:23:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4A8B 0
0 45ms
42ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-cQvU7SxwtQIYwvxaqXKdoUMuamryK1QimngVfBEgunS0okKwMyGpUM0LxwCo5juXDNxY0c5cDflRn5jMkovtQo54_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=280&slotname=6477325946&adk=3439474726&adf=2584567126&pi=t.ma~as.6477325946&w=336&lmt=1676461900&format=336x280&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900066&bpp=4&bdt=571&idt=236&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&correlator=6988077355692&frm=20&pv=2&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=78HaI0AdzY&p=https%3A//www.spytox.com&dtd=252
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A8B 156 KB
48 KB 138ms
59ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 4A8B 34 KB
14 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7C5B 8 KB
895 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:13:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 7C5B 2 KB
799 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 01:40:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 7C5B 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:37:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 7C5B 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:37:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 7C5B 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 01:23:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7C5B 0
0 42ms
42ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAq-NQAMZ0K-pK39bedJoLzn2A0x2-jV_DL_07mdURVqUjrCCKBB5rxlv9qtvmw31RzTbNyZNHXnih9K9JzEdqe9z4QQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C5B 156 KB
48 KB 154ms
95ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 7C5B 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/13183159046565564406/ Frame 4A8B 9 KB
10 KB 7ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13183159046565564406/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0a5c08678ba83e8a429cc770d9213b86745283b255d5ecd63742fb3ccca130f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 05:30:52 GMT
x-content-type-options: nosniff
age: 22849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9465
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 23:13:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 05:30:52 GMT

GET
DATA 200
OK truncated
/ Frame 4A8B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7AC5 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CA 143 B
166 B 22ms
20ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:11:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BB3 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4A8B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8696e4a3624f442441d72c25a05088af09452d73e66b23ceeb8d241a412084c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7AC5 35 B
464 B 38ms
7ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPAH0Y1HgZok9fwGR6Mht0E&google_cver=1&google_push=Aa02lx82tXWwYgVKK58U-8Nj9Am7D28eE5jWTn8cmKS6WJCCW9Z8sCD9tcL2UgynfdMP-5veysvlqEECDwgvn5LXGfCeOoM4oju5iYI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGZT9wXQIkf2CgX3ze1gHEY&google_cver=1&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZg...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZgHpsclTtrnubWAbo

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZgHpsclTtrnubWAbo

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: MT3 457 2362390 master cdg-pixel-x28 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_0ssVL_JSQiyuB0VdECUlmk5wNw-Tl6jzqF80r1kU_6MP9xXcrxpNfCyWa-GVRl0octF4KR8QJl2jWYxZgHpsclTtrnubWAbo
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBMnw-LsxFoZgQ25xkBj-LU&google_cver=1&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_4n5QdQTmvJcvzm88
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4674238905744FD9BC1DB27513FC71DA&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_...

170 B
232 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4674238905744FD9BC1DB27513FC71DA&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_4n5QdQTmvJcvzm88

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 11:51:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4674238905744FD9BC1DB27513FC71DA&google_push=Aa02lx9QpPGG5yUo3_QtDvXv3OOfzHnc5t-SUxi_2qvdwe96k97Gw-Bf7ScELvP-V-YoMrwM5oV-X7nRWygKY1_4n5QdQTmvJcvzm88
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 14 Feb 2023 11:51:41 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFiW2QyHdbzFY5oDYky71Fg&google_cver=1&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgmh52cqO0X41Ba2Dy0wLyY&google_hm=gptpjmupRZ6NkWTGj...

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgmh52cqO0X41Ba2Dy0wLyY&google_hm=gptpjmupRZ6NkWTGj4IM3mY

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8pGZNFZJngah4U7rFw97W5K3ze1GxRpFSuHikKiLQRU880yw5D6Yqgnj2tjCadFyjy272AsD4cYgmh52cqO0X41Ba2Dy0wLyY&google_hm=gptpjmupRZ6NkWTGj4IM3mY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfLlYuLzrdOTmzn52vKobg&google_cver=1&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fs...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0OTAzNzc5MzI0NTMyOA%3D%3D&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fsn-eu...

170 B
329 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0OTAzNzc5MzI0NTMyOA%3D%3D&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fsn-eujChPQe_DdAOOE

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMDM0OTAzNzc5MzI0NTMyOA%3D%3D&google_push=Aa02lx_Ne4kFUhIShgpRdWpg96Bkgz6__rlBSnFzyx14ci3E1VOCN44CiA2PQ5NjJGlUhwDLnBnuVqsLNb94fsn-eujChPQe_DdAOOE
Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJSQQ_Zv2YEEAzOx4zz2Ryk&google_cver=1&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1TTRQUzQtMjctQjlJNg==&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj2XZd5lINjjyqEEbe0wkyp-SfBfvs

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1TTRQUzQtMjctQjlJNg==&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj2XZd5lINjjyqEEbe0wkyp-SfBfvs

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU1TTRQUzQtMjctQjlJNg==&google_push=Aa02lx8AZiimnvR9kPk7DxJOIM8jzotNWvp5kFRkjlcVoZPdAFb09Sp2mNSr5tidOieCzQUrxoj2XZd5lINjjyqEEbe0wkyp-SfBfvs
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7AC5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEC8VPaL5KxlNyQ4Y2nuxBq4&google_cver=1&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEC8VPaL5KxlNyQ4Y2nuxBq4&google_cver=1&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlq...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k2hdA30pQaS6czf5FvW7oA&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djl...

170 B
232 B

20ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k2hdA30pQaS6czf5FvW7oA&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV7lGHJH2g

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=k2hdA30pQaS6czf5FvW7oA&google_push=Aa02lx82aKcwR-xrzTmgTbUsDlWJmQ3GzBfAptK5lUr3mCsHuO53erNHtE3EprMah5bEVSatLLXj7g74sS00Djlql_RmVV7lGHJH2g
access-control-allow-origin: *
date: Wed, 15 Feb 2023 11:51:41 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7AC5 0
139 B 55ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwmhLmGohaWYoA6JASa6uEjy8yWkMQ_bCxpVDLOWXgl846qWOt9dcFaiSnDN6WnqYlcts_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8BB3 0
104 B 91ms
23ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC_KWS9AkfsCcVdMT5oeC8Y&google_cver=1&google_push=Aa02lx8oGd5Tpe99n4NUj4HvUR4f79PXKUMQUWtbyxJD2thmmdraf_xY-OJWZXCraP_Rwz9FWIapjVgu-gmjLZVc99rVK3vaLUUOpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPP_4b8Ofdfxdfrjdi91OFw&google_cver=1&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpv...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpvcYaKn8Vk&google_hm=eS1rT3hvdW14RTJwR2t...

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpvcYaKn8Vk&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 11:51:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9FMD82JcJeOVH2UcWDO3hxl9E-q7G2oxpbTcKEt8xW2aRd4SB8S8Rw687LRGpy8jMW2bsr7x3CHXmbLwwX7uvZQpvcYaKn8Vk&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYXGm-t-e9A7zSrrVMvmi0&google_cver=1&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYXGm-t-e9A7zSrrVMvmi0&google_cver=1&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzIxNDQ5NTEzODE2MTIxNw&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHb...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzIxNDQ5NTEzODE2MTIxNw&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7sLWKKbfqZXkArRYL1YErYlg

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzIxNDQ5NTEzODE2MTIxNw&google_push=Aa02lx_5JL1fOVsAIvFQFIjG5FMCONHbErLqI-iRyWOUKmMt-GDR6YxBf9X2R18qv4xK6DPmYLOOHbk7sLWKKbfqZXkArRYL1YErYlg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8BB3 43 B
350 B 73ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBkkRVRhFJZsu2s_rOAB5aE&google_cver=1&google_push=Aa02lx8_duhNs8BlIrpHGYekSKcK3FkmMYpLow97niAmIpK1yO7mVgEmQSQzdTMbBlQ1p-Z9ucwNIkZ_Zz_sOvQurLNY0ulOWlPZ0cY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dfeskbdcie90elds3uc7fh55slhf33cf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrX...

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrXwRdXm8ibZFzeKXnkY5zoGTKamgnioBTE9BSTdht8SOqlUU2S6_kZbBYdmDrQuxpsPY

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGcHjPWP80IWmQD2Lhi6U7s&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx_gcXQO3InJe5e32mDEI3J5iNskcCfrXwRdXm8ibZFzeKXnkY5zoGTKamgnioBTE9BSTdht8SOqlUU2S6_kZbBYdmDrQuxpsPY
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDyl4vvE4VFd0VZBy5CUe98&google_cver=1&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUju...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjul...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74...

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjulM7-Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx_LStpvkEKcPub476Cadjp7mCsejDo224jQQxVX2MXjw_bN0l74DbnjTrTDBd7QLd5ZIEEovywuw3k1M7yYANUm-eAUjulM7-Y
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BB3
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJvZ6A0fb...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJv...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=57b0fa2f-f74b-4c20-9c0e-d71571196735&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=57b0fa2f-f74b-4c20-9c0e-d71571196735&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=57b0fa2f-f74b-4c20-9c0e-d71571196735&%%GOOGLE_PUSH_PAIR%%
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BB3 0
40 B 42ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzfW4c54WJEgJYlSkDzE4ephxeBXxQ2bNgDxKlXusFlJ8kbZnWtx8XPjFAmdxZlYwhtEp61A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:41 GMT
expires: Wed, 15 Feb 2023 11:51:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4A8B 16 KB
16 KB 52ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 13:59:42 GMT
x-content-type-options: nosniff
age: 510719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:59:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4A8B 15 KB
15 KB 40ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 510365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:05:36 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame B831 7 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:17:39 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame B831 2 KB
2 KB 235ms
42ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWW1RNU5HWmhOakl0WkRjNU1DMDNOMll3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwODQ2Mzc2NDg4Nzg3Njk4ODQvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3UFB4MTVxd1JIOW00aWxEWDZXSm5FWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDg0NjM3NjQ4ODc4NzY5ODg0L2Ftcy8wLzI1MS81My85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3NjQ2MTkwMC8xNjc2NDc0NTAwLzQvcHViLTIxMjMxOTEzNDgyMjU2Nzcv/MVjiZwj9DN5D9gMdkpZix6byMa0&nodeid=3288&group=cdg&auctionid=4084637648878769884&pbs_auctionid=4084637648878769884&shardkey=4084637648878769884&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%26client%3Dca-pub-2123191348225677%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 07ec75c74a2fe77b8e80c9fa84feb0d7d1bc5716d070571967df2e6431860fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
x-mm-nodeid: 3288
x-mm-handled-by-owner: true
x-mm-bid-request-time: 1676461900
Last-Modified: Wed, 15 Feb 2023 11:51:40 GMT
Server: MMBD/3.380.1
Content-Encoding: gzip
x-mm-latency: 24 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x64, cdg-bidder-x140
Connection: close
x-mm-lag: 1
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame B831 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 11:37:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame B831 20 KB
8 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 01:23:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B831 0
0 43ms
41ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3IyFlgJsyJGsOBLO6M_7vSLUNwoIOHpmWfWMb8Y7u8M0XQjTAV0z0qmMT0U4VdAUmsqR5dmBi7UbJZx1NMc8Ht3ReNg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B831 156 KB
48 KB 58ms
55ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H3 200 Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C03 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
H3 200 Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame D3AD 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js

Requested by

Host: www.spytox.com
URL: https://www.spytox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B831 0
0 62ms
61ms Fetch
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1nyTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLIBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpxTkreUxws-5wHlqpMo5LLsw1fOc2ZU3lhoRxLLbO-dP3WfnDYaMoAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTIzMTkxMzQ4MjI1Njc3GAA&sigh=Ubk01SRvZCo&uach_m=[UACH]&cid=CAQSKQDUE5ymrce424Zb-6d2bRfRLzJDGTrD7LztBhBBpb0OLKRSEzcOcf0fGAE&tpd=AGWhJmstUFPM_csMaPLCMxc7TY1_Rn3oi0fDScpXxMaDnBDmbupWcj2vRD5biTYzy3fEuqnfc2aCXUh4mpnJRMnN7K6uvho5ezTtBW2g1ZTvrBoiO1Y3S246R-XsT5wa9uBAxUODOk0x0DVr5IPH3qwikxQyZu08hwv1ay7rFfGQfy7L3GGCc-2ApZWonR3n3rzPMYXBjm4VL4MBuJ_-cvb9KiTdFboXmZ3rKtdQAOfpoi5L301DiWeqRAla835NlmQqV5cV9Lect9hsZGPdYVI_XVmwR7urFXd9bilgkDldxVYRF1bBjF3EUjlfV32w47nbTj8wM94ACWgbGMG_mYwUTkoH2V-WJDIXO11YqfycfN8O-WXjaVlFvGc6rlAhxEkbL4t40erJ47z5uC7v2kWDdfEfVHKK8MsNSPeOO_6TEvuFR7-B0uGmU-FvWzqHfAtJOd8IGFscdvD5dpqqrGg3OkMnZ7xbcEJR9cgva1eRgGAY_GuNYcDBv_DPckFucD-yBNpuAAn5CT6hA1CupxkeVjzmhcBzvz3YXgcKMw19ODIaRAK6H1hTKyEu3lcra_9kow4lgaqD2BPqwrD2gSxqbFlg4KE_5t81C6h4wCAGOKerRiX2Fkayp5933lt2f4H1xMhnoCyYAJUh9AqykN6mtXzBOVPVbvCPJ6UlGM5kep9FbIuuzLpSzpEWszoheomS5D2rQGsZ9x2ORhmlbhecByxshLy8zOJAF4EREap6Qp5YsDg8G55yePU2mNloJtb6wYRUj3rWZ4YplPqwU-o4dsSpjNHivKkld2dlHWJrP9X-fwBO9zp3gXeD_BpEquvvZzH9Za0VfsubUuCdye7GJ9635ZV8UX95TGwMNaUwkFUNXvoIJyj5S8Plc3NOw3aFpwPOU6CTL0h-t9a8OSw6ZYRdAoQTqPDSHOLfMNNY1CBK2tBt9aykmZfie3HwfOlKZ6Hb7GgDOZ29vOsy-hfn9HEYmTXAQYPy0a_YsU_aq4UX_Dubr0QhuAFJ9n9hBkXX7QhK5uWHiSPYISOCDm5fo-9aJNitv20CVh58IroxM4pvmq74h__LmWBfzFMwLa4XDawRWFpJtHLcss-VwrG1Zw0boxiFfCz2ZpoVAHpCvH-kGv3rGQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Feb 2023 11:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame B831 10 KB
3 KB 57ms
17ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=4084637648878769884&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 57b72e89c02a54a558fb85697d678becb87713199ddb546efcdf6be95b499cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3304
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame B831 43 B
404 B 148ms
60ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4084637648878769884&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWW1RNU5HWmhOakl0WkRjNU1DMDNOMll3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwODQ2Mzc2NDg4Nzg3Njk4ODQvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3UFB4MTVxd1JIOW00aWxEWDZXSm5FWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDg0NjM3NjQ4ODc4NzY5ODg0L2Ftcy8wLzI1MS81My85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3NjQ2MTkwMC8xNjc2NDc0NTAwLzQvcHViLTIxMjMxOTEzNDgyMjU2Nzcv/MVjiZwj9DN5D9gMdkpZix6byMa0&nodeid=3288&group=cdg&auctionid=4084637648878769884&pbs_auctionid=4084637648878769884&shardkey=4084637648878769884&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%26client%3Dca-pub-2123191348225677%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 457 2362390 master zrh-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: MT3 457 2362390 master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame B831 49 B
330 B 76ms
41ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4084637648878769884&st=4562306&time=1676461901&nodeid=3288
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWW1RNU5HWmhOakl0WkRjNU1DMDNOMll3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwODQ2Mzc2NDg4Nzg3Njk4ODQvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3UFB4MTVxd1JIOW00aWxEWDZXSm5FWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDg0NjM3NjQ4ODc4NzY5ODg0L2Ftcy8wLzI1MS81My85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3NjQ2MTkwMC8xNjc2NDc0NTAwLzQvcHViLTIxMjMxOTEzNDgyMjU2Nzcv/MVjiZwj9DN5D9gMdkpZix6byMa0&nodeid=3288&group=cdg&auctionid=4084637648878769884&pbs_auctionid=4084637648878769884&shardkey=4084637648878769884&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%26client%3Dca-pub-2123191348225677%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: MMBD/3.380.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x85, cdg-bidder-x140
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame B831 1 KB
1 KB 27ms
27ms Script
text/javascript 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWW1RNU5HWmhOakl0WkRjNU1DMDNOMll3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwODQ2Mzc2NDg4Nzg3Njk4ODQvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3UFB4MTVxd1JIOW00aWxEWDZXSm5FWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDg0NjM3NjQ4ODc4NzY5ODg0L2Ftcy8wLzI1MS81My85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3NjQ2MTkwMC8xNjc2NDc0NTAwLzQvcHViLTIxMjMxOTEzNDgyMjU2Nzcv/MVjiZwj9DN5D9gMdkpZix6byMa0&nodeid=3288&group=cdg&auctionid=4084637648878769884&pbs_auctionid=4084637648878769884&shardkey=4084637648878769884&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.145&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%26client%3Dca-pub-2123191348225677%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 457 2362390 master cdg-pixel-x26 config:1.0.0 /
Resource Hash: 93516369648dbada4bbf55b7e3131ab6b6235ad6214c3e05d525777c2dc7be45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: MT3 457 2362390 master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H/1.1 200
OK request.php Show response
hal900011.redintelligence.net/ Frame B831 3 KB
1 KB 124ms
72ms Script
application/x-javascript 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=fdc217a8f3&subid=&uid=a69ed6e261ea086d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2123191348225677%26output%3Dhtml%26h%3D250%26slotname%3D4854096690%26adk%3D1784139003%26adf%3D3048628840%26pi%3Dt.ma~as.4854096690%26w%3D300%26lmt%3D1676461900%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.spytox.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676461900070%26bpp%3D1%26bdt%3D576%26idt%3D256%26shv%3Dr20230213%26mjsv%3Dm202302090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D6988077355692%26frm%3D20%26pv%3D1%26ga_vid%3D1247704918.1676461900%26ga_sid%3D1676461900%26ga_hid%3D700332127%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1030%26ady%3D498%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44782466%252C31072254%252C31072288%252C31071663%26oid%3D2%26pvsid%3D733766993489491%26tmod%3D1859599411%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC8dY4cnHz3%26p%3Dhttps%253A%2F%2Fwww.spytox.com%26dtd%3D260&ancestorOrigins=null&random=2742764930279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=4084637648878769884&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dc5d0a4a4d08865feed4a4f929e27dde102ab3cd9acbaad2f4ff8d5989c2a33f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 20615600077414700951393012236011
Connection: close
Content-Length: 1088
Expires: Wed, 15 Feb 2023 11:51:41 +0100

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame E808
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20615600077414700951393012236011&actionid=981741&produktid=&dt_url=

0
628 B

86ms
26ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20615600077414700951393012236011&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=fdc217a8f3&subid=&uid=a69ed6e261ea086d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2123191348225677%26output%3Dhtml%26h%3D250%26slotname%3D4854096690%26adk%3D1784139003%26adf%3D3048628840%26pi%3Dt.ma~as.4854096690%26w%3D300%26lmt%3D1676461900%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.spytox.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676461900070%26bpp%3D1%26bdt%3D576%26idt%3D256%26shv%3Dr20230213%26mjsv%3Dm202302090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D6988077355692%26frm%3D20%26pv%3D1%26ga_vid%3D1247704918.1676461900%26ga_sid%3D1676461900%26ga_hid%3D700332127%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1030%26ady%3D498%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44782466%252C31072254%252C31072288%252C31071663%26oid%3D2%26pvsid%3D733766993489491%26tmod%3D1859599411%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC8dY4cnHz3%26p%3Dhttps%253A%2F%2Fwww.spytox.com%26dtd%3D260&ancestorOrigins=null&random=2742764930279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 11:51:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 15 Feb 2023 12:51:41 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 15 Feb 2023 11:51:41 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20615600077414700951393012236011&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 92467566:A3E6_91EFC182:01BB_63ECC74D_51C9F3:C02D

GET
H2 200 / Show response
adv.office-partner.de/ Frame A6B3 930 B
931 B 211ms
31ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=fdc217a8f3&subid=&uid=a69ed6e261ea086d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2123191348225677%26output%3Dhtml%26h%3D250%26slotname%3D4854096690%26adk%3D1784139003%26adf%3D3048628840%26pi%3Dt.ma~as.4854096690%26w%3D300%26lmt%3D1676461900%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.spytox.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676461900070%26bpp%3D1%26bdt%3D576%26idt%3D256%26shv%3Dr20230213%26mjsv%3Dm202302090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D6988077355692%26frm%3D20%26pv%3D1%26ga_vid%3D1247704918.1676461900%26ga_sid%3D1676461900%26ga_hid%3D700332127%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1030%26ady%3D498%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44782466%252C31072254%252C31072288%252C31071663%26oid%3D2%26pvsid%3D733766993489491%26tmod%3D1859599411%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC8dY4cnHz3%26p%3Dhttps%253A%2F%2Fwww.spytox.com%26dtd%3D260&ancestorOrigins=null&random=2742764930279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 15 Feb 2023 11:51:41 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 22 Feb 2023 11:51:41 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

htlp Show response
futalis.de/ Frame A92D
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=20615600077414700951393012236011&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291

350 B
401 B

71ms
16ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=fdc217a8f3&subid=&uid=a69ed6e261ea086d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2123191348225677%26output%3Dhtml%26h%3D250%26slotname%3D4854096690%26adk%3D1784139003%26adf%3D3048628840%26pi%3Dt.ma~as.4854096690%26w%3D300%26lmt%3D1676461900%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.spytox.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676461900070%26bpp%3D1%26bdt%3D576%26idt%3D256%26shv%3Dr20230213%26mjsv%3Dm202302090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D6988077355692%26frm%3D20%26pv%3D1%26ga_vid%3D1247704918.1676461900%26ga_sid%3D1676461900%26ga_hid%3D700332127%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1030%26ady%3D498%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44782466%252C31072254%252C31072288%252C31071663%26oid%3D2%26pvsid%3D733766993489491%26tmod%3D1859599411%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC8dY4cnHz3%26p%3Dhttps%253A%2F%2Fwww.spytox.com%26dtd%3D260&ancestorOrigins=null&random=2742764930279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 11:51:41 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame B831 2 KB
2 KB 134ms
62ms Script
text/html 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=20615600077414700951393012236011&nw=1
Requested by: Host: www.spytox.com
URL: https://www.spytox.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 34d061306b6187d4cc5769ddfa9d610414ac75a0e901a491501d3785424b4ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
last-modified: Wed, 15 Feb 2023 11:51:41 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 15 Feb 2023 11:52:41 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame C006 7 KB
2 KB 35ms
13ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=fdc217a8f3&subid=&uid=a69ed6e261ea086d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dwi7COwB4yo-wY63OyGXADw%26exch_seat%3D20035004448%26mt_aid%3D4084637648878769884%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_cid%3D01b963ec-c74d-4d00-b23a-a0a6110e254c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCU-zwTMfsY8KyFsuyygXhjK_ABc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMjMxOTEzNDgyMjU2NzfIAQmoAwGqBLUBT9D944ce0HwBgkXUZueyPQV5RH1c9f4ifeM2ABhzhQQToAqK1KwHOU9WptlPI5lIVuXA2n8iNOW6ag1-n95SjVoKZiw7_3A639iDfBWc0wd8VHynGovSbU5M5E9DQUT27BRuAfgo7qZ8NbaCqjcrtMIqWavVOkPEpVjnhISB4gRVSt-vmQe0DeeMEpwRkJYGa7ea4IxB4jjwpB0c3kPEz2x6xrnVh1Jklk6DE20xBYodv3Hpm4AGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2wUcr5xXoFBo124b6SyFPwrRpaGg%2526client%253Dca-pub-2123191348225677%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2123191348225677%26output%3Dhtml%26h%3D250%26slotname%3D4854096690%26adk%3D1784139003%26adf%3D3048628840%26pi%3Dt.ma~as.4854096690%26w%3D300%26lmt%3D1676461900%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.spytox.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676461900070%26bpp%3D1%26bdt%3D576%26idt%3D256%26shv%3Dr20230213%26mjsv%3Dm202302090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D6988077355692%26frm%3D20%26pv%3D1%26ga_vid%3D1247704918.1676461900%26ga_sid%3D1676461900%26ga_hid%3D700332127%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1030%26ady%3D498%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44782466%252C31072254%252C31072288%252C31071663%26oid%3D2%26pvsid%3D733766993489491%26tmod%3D1859599411%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC8dY4cnHz3%26p%3Dhttps%253A%2F%2Fwww.spytox.com%26dtd%3D260&ancestorOrigins=null&random=2742764930279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 320cead31c1fa82e69bd30ae8b5ec8d05fc6e3c86d7748c781fb1885828de79b

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2048
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Feb 2023 11:51:41 GMT
Expires: Wed, 15 Feb 2023 11:51:41 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame B831
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=20615600077414700951393012236011
https://ad-server.eu/wm/pb/native.png

68 B
312 B

184ms
32ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:54:29 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 92467566:A488_91EFC182:01BB_63ECC74D_51C9F8:C02D
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame 9C13 675 B
781 B 59ms
21ms Document
text/html 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=01b963ec-c74d-4d00-b23a-a0a6110e254c&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 457 2362390 master cdg-pixel-x34 config:1.0.0 /
Resource Hash: 70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 15 Feb 2023 11:51:41 GMT
Expires: Wed, 15 Feb 2023 11:51:40 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 457 2362390 master cdg-pixel-x34 config:1.0.0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 863A 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:06:29 GMT
etag: 48472445140208031
expires: Thu, 16 Feb 2023 11:06:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B831 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfef606aae3f1d05b2120305a2c0c09b0dcce34b491d58689376fff990cbc55d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img
sync.mathtag.com/comp/ Frame B831 0
505 B 67ms
30ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 457 2362390 master cdg-pixel-x25 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: MT3 457 2362390 master cdg-pixel-x25 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C006 4 KB
651 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 11:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 11:33:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 11:51:41 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C006 11 KB
12 KB 35ms
12ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a72b09bb4a42fedf08dd95d0d313377e7efb4e1dd70e254fc5a2dd43b9c58c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11596
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C006 12 KB
12 KB 47ms
12ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 507e2bafbca8ba90aa772a561b260719eeaaa22cf4ffac8a7281d2432856cad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12111
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C006 9 KB
9 KB 48ms
12ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fe0eb7fd674ca155eca6485d63a6c8535e13d664f365d9ad75e5b29bd9ba896c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9507
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 863A 0
103 B 20ms
12ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEB0suwrTxegb2CQ-VckU8sw&google_cver=1&google_push=Aa02lx-rcrkOdSWmMr417-1z6naF9tw3ZD-GCEC12qPv5EFxGbE3LGrxgUj2YKomtlAQ2RCCYI1b-zkXCFQ4lFCZvmICSNzUOQedDVs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 863A 0
191 B 102ms
17ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENZjyCqcv1D0ljZ_608TbrI&google_cver=1&google_push=Aa02lx8sjT6pDLZ_xk00alH1wfTb7MYwF6kjNmuWd4zgZN7UllBdc6PcP0Uwhk-JkIrTbMB9A47cRbJtGg37qSFnDypkln6xGN7uSyw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 863A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKxP4W9toTkX6bTwfBJBURo&google_cver=1&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oHsksul3Ss&google_hm=eS1rT3hvdW14RTJwR2t...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oHsksul3Ss&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 11:51:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9n0uavamvKgFEL7ZVDmEVsUDAeo-A2Iy92r4r6onLPUoU_8dqH4RoNRvh69zuEPeh_uwnZSmKkg4VM_9Y22KjY7oHsksul3Ss&google_hm=eS1rT3hvdW14RTJwR2t3OTBBM19vRXFIOWI1TFgzWXRuS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 863A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx8JcDDdookIViIq61EM2mIrxDRK-2ko3...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx8JcDDdookIViIq61EM2mIrxDRK-2ko3FmvhXtNiDquV1Mwbb0qCklTnLWoEHJTnnLxId6Cln5nQHJsefcFlQ6xJ2_C1Mt8kg

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwSTEGExLWoPX4phCgUzk&google_hm=Y-zHTWpwwCFa-x_H7JD8lgAABHoAAAAB&google_nid=index&google_push=Aa02lx8JcDDdookIViIq61EM2mIrxDRK-2ko3FmvhXtNiDquV1Mwbb0qCklTnLWoEHJTnnLxId6Cln5nQHJsefcFlQ6xJ2_C1Mt8kg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 863A
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEICd75dT-3WE_QF3RXK2lVc&google_cver=1&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEICd75dT-3WE_QF3RXK2lVc&google_cver=1&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8&google_hm=GKRnqGZHAgVx8nopR9G...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8&google_hm=GKRnqGZHAgVx8nopR9GrP6ie

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8X5MlDR4AfM4qxCymOFBZB2DYpFWQ6LfWdq-WxlbpZZdvcxut1j5JYsj5qDRX-1FflzVXT2fuVpbCjILeNB5NOF-HLkzBhfh8&google_hm=GKRnqGZHAgVx8nopR9GrP6ie
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 863A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMflzA7gNSLmMpebAey4xQg&google_cver=1&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094PaS6oCNKsBEwc4MMxOXkzAnw4SbmGAy_gdXYwRIJFvZm...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094Pa...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094PaS6oCNKsBEwc4MMxOXkzAnw4SbmGAy_gdXYwRIJFvZmM9CwY

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc4NTQ4MDg2NTA1MjUwMzQ0MjI3Nw%3D%3D&google_push=Aa02lx-QeoKKZJiLIeQ7bh65qXQteLMl1qlwBSyyBI6HOvpYK4n094PaS6oCNKsBEwc4MMxOXkzAnw4SbmGAy_gdXYwRIJFvZmM9CwY
date: Wed, 15 Feb 2023 11:51:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 863A 0
45 B 283ms
24ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBXaf3v1SaZ1vTEoOwlYhuk&google_cver=1&google_push=Aa02lx9Tvy_Kg9jsIkMC6YkS0bZFPjzFv1wgpAdc13UZLWn8aGVsucx8uy-KcrT2kFbrZxDNOpvdXrnrI7tPMMS8w-641Wdhq1UrNy8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 863A 0
12 B 20ms
17ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4Aman80tTmg3JVQZGC0CoVBx05ScAz8JapCvwvgvxYnAerk3VqPr12lrDsqMqrIeVlS6M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame C006 0
150 B 43ms
16ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=20615600077414700951393012236011&a=0d7df07d&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
sync.mathtag.com/comp/ Frame 9C13 0
505 B 59ms
31ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=01b963ec-c74d-4d00-b23a-a0a6110e254c&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 457 2362390 master cdg-pixel-x30 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=01b963ec-c74d-4d00-b23a-a0a6110e254c&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:41 GMT
Server: MT3 457 2362390 master cdg-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Feb 2023 11:51:40 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C006 13 KB
13 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 06:36:22 GMT
x-content-type-options: nosniff
age: 105319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:36:22 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame C006 13 KB
13 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:06:25 GMT
x-content-type-options: nosniff
age: 510316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:06:25 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame A92D 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2255343291
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:41 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B831 85 KB
31 KB 84ms
15ms Script
application/javascript 18.65.39.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=20615600077414700951393012236011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-105.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:15:15 GMT
content-encoding: gzip
via: 1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 12987
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ORNw1rCkGi68P6eCTIUUkQBIDqJx--c7B2nDBMP3MocEBXRbqsFpTA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame B831 85 B
437 B 74ms
18ms Image
image/gif 65.9.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1676462201&Signature=LU~LY9AYo8KbQ-f52VfzL522inqNIdUO29ru1iJ2MnsWSuOiL6JwP8ms6j4sdU2LhW1mJumoq3ys42YdwAMhwqCPqwK0h5FKotuw~bKkEYUIo5p9z1wjL2OhUr0rS4velMYiVQMPQ48ZDW2gJH-dqzr6BMsQKykLKlbmNnDtyAQdjEqSSzrWJPa2j8nsFTwKaGWQubjb4S5KnS~Hl848DxhkBrl3hpmokPxe5QOkjRMfrYTWNvIeuC2F4kBVZPpCK0JL~BiFwzChPCFut6PZvTzJecf5RQ2FtmSj0jd7Ah3aQt67HA-FNN9wnNvEMJqn~2Swk9wkX61r8A1AZRdMUw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2123191348225677&output=html&h=250&slotname=4854096690&adk=1784139003&adf=3048628840&pi=t.ma~as.4854096690&w=300&lmt=1676461900&format=300x250&url=https%3A%2F%2Fwww.spytox.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676461900070&bpp=1&bdt=576&idt=256&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6988077355692&frm=20&pv=1&ga_vid=1247704918.1676461900&ga_sid=1676461900&ga_hid=700332127&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782466%2C31072254%2C31072288%2C31071663&oid=2&pvsid=733766993489491&tmod=1859599411&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=C8dY4cnHz3&p=https%3A//www.spytox.com&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-68.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 15 Feb 2023 05:03:29 GMT
via: 1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 24598
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: eEBJPChRFGeCk6Au_Iv8WTXnyoFlvDaVSRb0bN-WtdOoMtRc6RqHww==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A6B3 103 KB
40 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15215500832e032b777d911c7ccee0afde6c820d73b04894db58c82ce31cb03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40792
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 11:51:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 109ms
66ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230213&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dbd6cdefb6d726a47988ec8ce95b7e6278da1dab620aa6f4cd80013c07b2a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11065
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:51:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A492 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:39:16 GMT
expires: Thu, 15 Feb 2024 11:39:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD11 783 B
535 B 46ms
45ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e8590b94887b89cc0f823411da24ef60be41a3b40b5e42823846652a807ceaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5liXjqm-2dAkQvn-fUQBdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.spytox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-5liXjqm-2dAkQvn-fUQBdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 11:51:42 GMT
expires: Wed, 15 Feb 2023 11:51:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame A492 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 11:06:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A8B 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNOrogXfqpAdhRP1OkLPRp3CmZO-v1ax52dHY-BrzgjZhssaBPO65WJWgyG1cd8zLUlcyNZDC8KK63e6-9m19WLiBkUkemdpS3PRx2EtfhK3qmGUOCLshLJ9mXalX25KqS4I3R3w&sai=AMfl-YQHuN4pESAsML_OMKyaghzfRytNIh1RhAHX0OWXSidBqbza1QISWrRdjxQpYlz9yiEar52vZvYERGIH3ADmi6I2E7vcvw3dZtg&sig=Cg0ArKJSzNDNeaNfeu7_EAE&cid=CAQSKQDUE5ymGSqc7I76rK1J4Bso_WXxUSuQvyz1DPiq4cxFJdaDPO2VVCTwGAE&id=lidar2&mcvt=1004&p=0,0,280,336&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3439474726&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676461900320&rpt=1004&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 11:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD11 0
0 52ms
52ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230213&jk=733766993489491&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A492 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FJBZdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:51:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B831 16 B
232 B 90ms
90ms Fetch
application/json 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 11:51:43 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 139ms
23ms Preflight 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 15 Feb 2023 11:51:42 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230213&jk=733766993489491&bg=!i4iliNzNAAYuhb89DoU7ADkAdvg8Wl3i3AmxNc7aXqJKuf4uvsxWKS5-kcvPcfHKrW7Kx18SIXdFiQ_4G38BlzMqoJ8sscurjVYCAAAAVVIAAAADaAEHCgBTMz1hiK7xYLjy234jOUkPrI7bp0HL3-JEwaJaC3ilkOqXEKuGQfe28_338opx2QOtK0Oco-iHe3Dp9LJuIzZXTVIzDIHpC5hrXbw2yuyKBJFvpPiZAtfpk0xhZIRMmAft8zmdtDhRyucR1vpN87mXYZVHk4PKacstL_c_NUDdxVg8AyjJfQjQRg7037PVv9bnii5MlcQg80dZUDipzp9sRHLUias212JnRZoHCFeA28Gw4gPnkoprvT9XwL1IQgeEUNSRqzMUTEFdoe2ZF1rfQgaoqIn4M9zmzHbCFGgptN1Me6amThO-fPwbzm0G30WWIbGocbt6_5u4tGK0WfFUJ-LOGX2ogMT4tscFfImQ8qpooxVwcGtdZ8RZlgmq0JGwTtF5nqqmf8PQF1yMSSTvVzdfityDvrKMBUkTeHlH0newc5_0yXy0H-zqGHVwp6OFmf1hKR1RK4YNGWJ7IbQq0zMct3zdCGQimCqsx__G9P0JyLQZTg7-8u9texAoh-CYjiU_qSXy3hjKNHBBf18e8YE9PuOzB6OsjnkYg-nkXf_21s5xUWaRDyb9NJNwjGH-k9ZqGypQNDGxPjxaHGFdK_Tce1HFSpRp5ke7ViUwAozt2eXvmlgBeN7rkjidNheB_djVqOFb1HnWAjex2sy5VgWUG4qMlAoZobkAg15o5YjRRuW7WmX6izuvYAGBpP-hHAVcnoG3gyGwZaRVEFSJlDeUAA5xvaaFnGu7O0XbqQSjfj94l1oOliMRqNF-ksV2kqYePW5X-JRoW2jvc7BMKErvxIgwU5pXtijCknEiLlB28zBLUPyvWz5GDz0vDEOY42nu-wjbvrKls4NjbgNKtNQspzqoLwbTaM_bGUOMINx05I74mvQpykCNnAdgBN8UbuAdaURfeLTWXO48WcQlvY2ATkWfWKKReonvonfxRKaQbABKnXZhq79ceR8bFBfQntpAXowdcBlWotbkQLkOmaNMooRRhv91ox4adwVOybILO5qCh-CQj-CG-0PtyQXqUa75FPsLzXXiEUCoJvquk3JJa27IScNwQ6nxZEnnrass4V57r1Nu2OCQ3y2_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.spytox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame C006 0
150 B 34ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=20615600077414700951393012236011&a=0d7df07d&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=20615600077414700951393012236011&a=b2bee9e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 11:51:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spytox.com/	1970-01-20 11:50:37	Name: _gcl_au Value: 1.1.2052454115.1676461900
www.spytox.com/	1970-01-20 19:08:23	Name: __atuvc Value: 1%7C7
www.spytox.com/	1970-01-20 09:41:03	Name: __atuvs Value: 63ecc74c3e935b73000
.spytox.com/	1970-01-20 19:17:01	Name: _ga Value: GA1.2.1247704918.1676461900
.spytox.com/	1970-01-20 09:42:28	Name: _gid Value: GA1.2.1419539734.1676461900
.spytox.com/	1970-01-20 09:41:01	Name: _gat Value: 1
.addthis.com/	1970-01-20 19:08:23	Name: uvc Value: 1%7C7
.spytox.com/	1970-01-20 19:02:37	Name: __gads Value: ID=72d20bb153659ba7-22216e6f91dc0036:T=1676461900:RT=1676461900:S=ALNI_Ma3LaZBkaRcuvVstlYPBjgYtdM3Bw
.spytox.com/	1970-01-20 19:02:37	Name: __gpi Value: UID=00000bb71e15cdca:T=1676461900:RT=1676461900:S=ALNI_MZ5wpc86EG6WcxUZF6Cm8DdgGEUCA
.addthis.com/	1970-01-20 19:08:23	Name: loc Value: MDAwMDBFVVJPMEIyMjQ1MjA2MTAwMDAwMDBDSA==
.quantserve.com/	1970-01-20 11:50:37	Name: d Value: EBYBCQGmKIEA
.quantserve.com/	1970-01-20 19:11:16	Name: mc Value: 63ecc74d-23f1e-382df-18b41
.adfarm1.adition.com/	1970-01-20 11:50:37	Name: UserID1 Value: 7200349037793245328
.simpli.fi/	1970-01-20 18:28:04	Name: suid Value: 4674238905744FD9BC1DB27513FC71DA
.ctnsnet.com/	1970-01-20 18:26:37	Name: gid_CAESEFiW2QyHdbzFY5oDYky71Fg Value: 1
.ctnsnet.com/	1970-01-20 18:26:37	Name: cid_829b698e6ba9459e8d9164c68f820cde Value: 1
.360yield.com/	1970-01-20 11:50:37	Name: tuuid Value: 93685d03-7d29-41a4-ba73-37f916f5bba0
.360yield.com/	1970-01-20 11:50:37	Name: tuuid_lu Value: 1676461901
.3lift.com/	1970-01-20 11:50:37	Name: tluid Value: 3785480865052503442277
.bidswitch.net/	1970-01-20 18:26:37	Name: tuuid Value: 57b0fa2f-f74b-4c20-9c0e-d71571196735
.bidswitch.net/	1970-01-20 18:26:37	Name: c Value: 1676461901
.bidswitch.net/	1970-01-20 18:26:37	Name: tuuid_lu Value: 1676461901
.mathtag.com/	1970-01-20 19:06:57	Name: uuid Value: 01b963ec-c74d-4d00-b23a-a0a6110e254c
.mathtag.com/	1970-01-20 10:24:13	Name: mt_mop Value: 4:1676461901
.yahoo.com/	1970-01-20 18:26:59	Name: A3 Value: d=AQABBE3H7GMCEF5yUgCIMmqDgRDJdMJMPOEFEgEBAQEY7mP2YwAAAAAA_eMAAA&S=AQAAAnJF4LNVL1JQJWQBRhkSpMo
.doubleclick.net/	1970-01-20 09:41:05	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:02:37	Name: IDE Value: AHWqTUlgZCFo-ot4Oxwx6KpvKun37eNa9yX-gbov_UbJkswsyX8SjpLe0dcYSwtP-wU
.adform.net/	1970-01-20 10:21:21	Name: C Value: 1
.casalemedia.com/	1970-01-20 18:26:37	Name: CMID Value: Y.zHTWpwwCFa.x-H7JD8lgAA
.casalemedia.com/	1970-01-20 11:50:37	Name: CMPS Value: 1146
.casalemedia.com/	1970-01-20 11:50:37	Name: CMPRO Value: 1146
.adform.net/	1970-01-20 11:07:25	Name: uid Value: 4933214495138161217
.retailads.net/	1970-01-20 10:24:13	Name: ppb2172 Value: 2255343291
.mathtag.com/	1970-01-20 10:24:13	Name: mt_misc Value: mt_bt:1
.lijit.com/	1970-01-20 18:26:37	Name: ljt_reader Value: GKRnqGZHAgVx8nopR9GrP6ie
.futalis.de/	1970-01-20 11:07:25	Name: raSIDb Value: 2255343291
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: tipw3mmiv3j1p2qsk2x4q05w
pb.media01.eu/	1970-01-20 19:17:01	Name: DTU Value: 3A37914813E8A3A33240FDB05C85BD52
.office-partner.de/	1970-01-20 19:17:01	Name: source Value: {"webgains_webgains":{"timestamp":1676461902043,"clickCookie":false}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://spytox-3744.kxcdn.com/assets/js/javascript-v1.0.min.js(Line 118) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api-public.addthis.com
api.webgains.io
apis.google.com
c1.adform.net
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
m.addthis.com
match.360yield.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pv.medialead.de
rtb.openx.net
s7.addthis.com
spytox-3744.kxcdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync.mathtag.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
v1.addthisedge.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.spytox.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
13.248.245.213
138.201.63.164
138.201.64.38
142.250.185.66
143.110.192.167
145.239.193.130
151.101.192.84
18.130.177.194
18.156.94.30
18.169.219.247
18.65.39.105
185.29.132.242
185.29.134.244
185.80.39.216
185.86.139.104
2001:4860:4802:38::178
216.52.2.6
23.35.237.151
23.62.220.135
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2004
2a01:4f8:d0a:2321::2
2a02:fa8:8806:16::1370
2a05:d018:d29:3601:6231:b27f:a0d:3cfb
2a0b:4d07:401::1
3.65.104.22
35.186.193.173
35.186.253.211
35.204.158.49
37.157.6.241
49.12.22.42
54.76.176.197
65.9.86.68
69.173.144.139
85.114.159.118
88.198.250.30
92.123.37.164
94.23.99.218
98.98.134.241
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07ec75c74a2fe77b8e80c9fa84feb0d7d1bc5716d070571967df2e6431860fc0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
15215500832e032b777d911c7ccee0afde6c820d73b04894db58c82ce31cb03c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
2dbd6cdefb6d726a47988ec8ce95b7e6278da1dab620aa6f4cd80013c07b2a56
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e6f0e526b7bd6c1fabe94ef0d2629eac9f9ad2bb7d3dee6172809dbedd32d9
320cead31c1fa82e69bd30ae8b5ec8d05fc6e3c86d7748c781fb1885828de79b
334145925346753db83adddd8461997a8a29b9f0b9a0f6d82b6541e0f5b3b939
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
34d061306b6187d4cc5769ddfa9d610414ac75a0e901a491501d3785424b4ced
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3d1eedb6972fcfcaab179edfbabff2031d6a5cc14978916203aa52cd68b43881
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
42d96d4d0dd893a1796f1a39ef3a7ab4f75a6b01061f4679c48005da0e89ed94
42e1ca55eeb384f871974cdb04b799d6b9e5690c38404de76caf9680ddef6ced
42fc4634fc39d2e542895589c1f572f353384012088e92bf56d6dd38d16a23f5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507e2bafbca8ba90aa772a561b260719eeaaa22cf4ffac8a7281d2432856cad8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
56ab1c25d259ee56ca163d405e1b13858dfd0cebcef93459db746e2503673090
57b72e89c02a54a558fb85697d678becb87713199ddb546efcdf6be95b499cd5
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4079c11aa07b2a4ce80b585e6fbb7cc19febc5bbbb42c66d93b959a52b5320
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6d5be2e41cc63ddda3ec3a5e2c0180a705472d29acfe99758f4d2b64b3ee88dd
70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e
7222d79fbe9d7804becdeb125ab263e7e62768270633bfc5ee8c4758e330ff84
7463b3f6fd3500884e8d7086a167d3d3c7fa52456d5d889b285fcaaea124b20a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
89a032d525be8fb5e75f1e0637c4517d541f3cdf6d733bf9ac242a56397792fa
8eb65713ae9c0e69411b79521f038e18a8c1fb08e8a4e0cf8b907ff3e82c2d8b
918960055a6ad1ffd00476c099f700edfe0f64d7dda70ceb531c7e846a16a4cd
93516369648dbada4bbf55b7e3131ab6b6235ad6214c3e05d525777c2dc7be45
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e8590b94887b89cc0f823411da24ef60be41a3b40b5e42823846652a807ceaa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72b09bb4a42fedf08dd95d0d313377e7efb4e1dd70e254fc5a2dd43b9c58c36
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adfd11698a0b169af3f0f9da0a96cc64ee0afeb77603fc428f341ac3135f65e7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf1496600ff0930080a8a78920315cf15fe2979257e58b55511df809fe637edf
bf7b5ff150f5d4774b07ebc8c3a6d0f8da1d77cb34dc675b41bd5435024d1bc6
bfef606aae3f1d05b2120305a2c0c09b0dcce34b491d58689376fff990cbc55d
c0a5c08678ba83e8a429cc770d9213b86745283b255d5ecd63742fb3ccca130f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c19fa29fb376eb8740d3e19c058d37c79e38249b9c0c0626a3dc8590ea42200b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6e5073776f904be7f2de791b5a290f06c2cd3050d9463d9ea47dccc9a24b4bb
c8696e4a3624f442441d72c25a05088af09452d73e66b23ceeb8d241a412084c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc5d0a4a4d08865feed4a4f929e27dde102ab3cd9acbaad2f4ff8d5989c2a33f
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e507cb26a024ab28152f2b7a2dca0ec245b3245ebafd66e236f97cd5c9396173
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f18e5f2ed5bd7e830c4057791d021e650ea754a73979f85f9342ab2a5a4be737
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f54180f1b1da637fbd3321fb28aa7265233df13d69d0061f8951256222b955e3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7168160927a63bb5a9776d1cc68f9f62a4c3980b7f13380cbf49c9a13a0fccb
fc09896e4d37aae0a3c4c645f5d02ccae04188b8687a06064c83222aa3b21d00
fe0eb7fd674ca155eca6485d63a6c8535e13d664f365d9ad75e5b29bd9ba896c

www.spytox.com Open in urlscan Pro 143.110.192.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

89 %HTTPS

38 %IPv6

43 Domains

56 Subdomains

40 IPs

11 Countries

1524 kBTransfer

4265 kBSize

39 Cookies

2 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.spytox.com Open in urlscan Pro
143.110.192.167 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

89 %
HTTPS

38 %
IPv6

43
Domains

56
Subdomains

40
IPs

11
Countries

1524 kB
Transfer

4265 kB
Size

39
Cookies

149 HTTP transactions
4 data transactions