urlscan.io logo urlscan.io
SecurityTrails logo

www.proxysite.com Open in urlscan Pro
44.205.241.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://proxysite.com/
Effective URL: https://www.proxysite.com/
Submission Tags: falconsandbox
Submission: On July 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 5 countries across 31 domains to perform 192 HTTP transactions. The main IP is 44.205.241.182, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.proxysite.com. The Cisco Umbrella rank of the primary domain is 205096.
TLS certificate: Issued by Amazon on March 28th 2022. Valid for: a year.
This is the only time www.proxysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.208.153.128 14618 (AMAZON-AES)
17 44.205.241.182 14618 (AMAZON-AES)
17 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 104.244.42.200 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 1 34.251.55.128 16509 (AMAZON-02)
13 142.250.186.98 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 35.186.253.211 15169 (GOOGLE)
3 185.64.190.78 62713 (AS-PUBMATIC)
3 3 69.173.144.165 26667 (RUBICONPR...)
5 5 104.18.18.126 13335 (CLOUDFLAR...)
1 1 3.122.145.17 16509 (AMAZON-02)
2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 104.90.192.27 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 172.217.16.198 15169 (GOOGLE)
6 6 104.111.239.217 16625 (AKAMAI-AS)
2 148.251.139.77 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 46.236.35.87 12703 (PULSANT-AS)
2 13.225.78.23 16509 (AMAZON-02)
4 54.76.212.160 16509 (AMAZON-02)
192 33
1    3.208.153.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-153-128.compute-1.amazonaws.com
proxysite.com
17    44.205.241.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-241-182.compute-1.amazonaws.com
www.proxysite.com
17    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
20    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
29    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.251.55.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
13    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    3.122.145.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
2    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
2    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    46.236.35.87 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net
track.webgains.com
2    13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net
analytics.webgains.io
4    54.76.212.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
499 KB
34 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 189
173 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2826
ad4m.at — Cisco Umbrella Rank: 2219
assets.ad4m.at — Cisco Umbrella Rank: 38009
1 MB
18 proxysite.com
proxysite.com — Cisco Umbrella Rank: 163903
www.proxysite.com — Cisco Umbrella Rank: 205096
167 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
175 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
1 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18555
api.webgains.io — Cisco Umbrella Rank: 53778
103 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
254 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
149 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
4 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38795
174 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14048
3 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 101581
static-de.ad4mat.net — Cisco Umbrella Rank: 150263
8 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
3 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
1 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
248 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
550 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1107
1 KB
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 53303
969 B
2 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 17689
1 KB
2 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 77700
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1872
1 KB
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1383
592 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
86 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 557
763 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 907
356 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3023
375 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
646 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
3 KB
192 31
Domain Requested by
29 tpc.googlesyndication.com googleads.g.doubleclick.net
www.proxysite.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.proxysite.com
17 pagead2.googlesyndication.com www.proxysite.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 www.proxysite.com www.proxysite.com
13 cm.g.doubleclick.net googleads.g.doubleclick.net
www.proxysite.com
12 assets.ad4m.at as.ad4m.at
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
6 fonts.gstatic.com fonts.googleapis.com
6 www.googletagservices.com googleads.g.doubleclick.net
5 ssum-sec.casalemedia.com 5 redirects
5 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5 www.gstatic.com googleads.g.doubleclick.net
4 api.webgains.io analytics.webgains.io
4 track.webgains.com as.ad4m.at
track.webgains.com
4 www.awin1.com 4 redirects
4 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 platform.twitter.com www.proxysite.com
platform.twitter.com
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com googleads.g.doubleclick.net
3 rtb.openx.net googleads.g.doubleclick.net
3 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 analytics.webgains.io track.webgains.com
2 www.conrad.de as.ad4m.at
2 www.zenaps.com 2 redirects
2 banner.congstar.de as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 e.dlx.addthis.com 2 redirects
2 ag.innovid.com googleads.g.doubleclick.net
2 prod-rtb.ad4mat.net www.proxysite.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 syndication.twitter.com platform.twitter.com
www.proxysite.com
2 www.google-analytics.com www.proxysite.com
www.google-analytics.com
2 connect.facebook.net www.proxysite.com
connect.facebook.net
1 d.agkn.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 pixel.everesttech.net 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 proxysite.com 1 redirects
192 42

This site contains links to these domains. Also see Links.

Domain
eu17.proxysite.com
pryvacy.com
Subject Issuer Validity Valid
proxysite.com
Amazon		 2022-03-28 -
2023-04-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-06-18 -
2022-09-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-06-08		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh

This page contains 32 frames:

Primary Page: https://www.proxysite.com/
Frame ID: 6E7553673CFABC378899E9183FFA59AC
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html
Frame ID: F5F6F636692CA8A0AE1E0F6A5E2466EA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.proxysite.com
Frame ID: F7441818EC8BB5B08026415EF1E179A3
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df499ffed8469ac%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff6cb47873aa66%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false&width=80
Frame ID: D42F7161002ADB2584984EE1AB586BC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Frame ID: 775A02E70CBCDFF93606E1AA0492B44C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Frame ID: A681DD0770A26D27C3F4473F8E5C13CC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1657202930&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930553&bpp=1&bdt=516&idt=177&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VeUfCntcRH&p=https%3A//www.proxysite.com&dtd=179
Frame ID: 8087BFD2C0099FDB3A86F10715C641BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1657202930&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930554&bpp=1&bdt=518&idt=182&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=187
Frame ID: A9F23CA1626B07C8838BB2277A8B9605
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.en.html
Frame ID: FA798212EED7381989FC46C920A3931E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Frame ID: A817B80DBC8037E11731DBA7A822CFBD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Frame ID: 6319954D4011B83195AB6EDAC2969E4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Frame ID: B3DB59C572F3A5569C05579EB7D360B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Frame ID: D81D9B896D7005D44D6D743378E2B92A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Frame ID: AE09F192C97BEAB633CAC596C537B3F8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CcIQ98-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoEwgFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2aTN4LPpHGJNaEZ7WgPOFFVTrmt3H7wjOcroZTYTDd9FOdCFr41SoAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=04g4bv4nhc0&uach_m=[UACH]&cid=CAQSPACNIrLMolDABE4eZiIOcmiN0_LZ90Tt4k7aPIEzC3W1CpeXYjCQYHge3_UUb9BQXV-aD5jG9j6_FJSbcRgB
Frame ID: C62AF71413CE034479225BC5DB556CB7
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
Frame ID: D343F73230CCE44973689B8F3F835D71
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27D5857ACCE2BCF5FFC78EFF00ADC220
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CP_Fe8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoEwgFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8jmfKfgQz_sC3_bIA_fyrMILqD5ahkQpAXcd-gAiFtX2mYlA09hi4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=9AmiJVxOA-w&uach_m=[UACH]&cid=CAQSPACNIrLMIVtg2ksF7oUvHV42W5Qblz7jLlbfVdLgBl1ahI4kcAF732HBEyAS_bv-nwJTxUPEpQF8Bus99hgB
Frame ID: 1DC4652C16ABBB159DBAF4F62136B306
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
Frame ID: 957BD5EEDE080B42853B398360012B9A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A17C23CA95D1B811D705151BFA7BABC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 622F91CBBCD95D5219A23AE7F4DD508B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4FB7D7D05B69B41116561B4EE46EFE0B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: 961E0F4CEE78062E96FEA962AC0BA9E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89B09AD653A4B9C3877C203D1CE878A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: D51585DBEB4F161F058C9283892F9474
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: 9BCE67008CC120CAB01B87B6983B15BF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CD89C1F6A20FBD95B6C7859AEEE00995
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 314A3A1D7C3A45C5DDF21501ED5A5ABB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 733EC716D02034FDBD97D0734E81A2BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A009CC15EBF34F4B146657D75C697D8
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Frame ID: 0D867AC0FE574350025DE1FB2D69D3D0
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Frame ID: 955C3356D9378DEC541E21435746D500
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ProxySite.com - Free Web Proxy Site

Page URL History Show full URLs

  1. http://proxysite.com/ HTTP 301
    https://www.proxysite.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

192
Requests

93 %
HTTPS

55 %
IPv6

31
Domains

42
Subdomains

33
IPs

5
Countries

3061 kB
Transfer

5873 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://proxysite.com/ HTTP 301
    https://www.proxysite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6OiKVOI3wsQdifbVnZ84S1HcPLx_4urubhkegeAekC1EUZaVH10CRyC9TI&google_gid=CAESEOcORl_vp7EUgik5glH_z0Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNibzlBQUFCWi1kb0U1NA&google_push=ARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6OiKVOI3wsQdifbVnZ84S1HcPLx_4urubhkegeAekC1EUZaVH10CRyC9TI
Request Chain 120
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDIIA_TeSdn9XvRmsurFj6c&google_cver=1&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWkTJUgdQWFuoCJTih4UVIi_TfM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUEtRS1NNFVS&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWkTJUgdQWFuoCJTih4UVIi_TfM
Request Chain 121
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_cver=1&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk3LEymwP_wGZfM-HMRGAWX4v5_bDifB-0fsM19jZoIB8dMuGZvZY_2EkWDERjx0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk3LEymwP_wGZfM-HMRGAWX4v5_bDifB-0fsM19jZoIB8dMuGZvZY_2EkWDERjx0&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk3LEymwP_wGZfM-HMRGAWX4v5_bDifB-0fsM19jZoIB8dMuGZvZY_2EkWDERjx0
Request Chain 124
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPUCUyKqBK3TO49ft-qAI1w&google_cver=1&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU&google_hm=Q0FFU0VQVUNVeUtxQkszVE80OWZ0LXFBSTF3
Request Chain 127
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpSDI8S6Hx0Kt_X9fZnzpA&google_cver=1&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCattgcmsanscBF2k7Jhy7ADV9AnU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUstMjMtTFczUg==&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCattgcmsanscBF2k7Jhy7ADV9AnU
Request Chain 128
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_cver=1&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6MNM0-G_amDHRPWbSKMh8fx1tWp9TtYZBUHJIz1FUbz_Uz3rupT03CHRoi4Uv_SI HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6MNM0-G_amDHRPWbSKMh8fx1tWp9TtYZBUHJIz1FUbz_Uz3rupT03CHRoi4Uv_SI&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6MNM0-G_amDHRPWbSKMh8fx1tWp9TtYZBUHJIz1FUbz_Uz3rupT03CHRoi4Uv_SI
Request Chain 135
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 139
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 141
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE9dTIEUUDKxQXbWJB3nvNE&google_cver=1&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1fAvQmoGIlurRI1iSas9-Zq6RbTYOZ9ySmGmG8hcXMY3hQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1fAvQmoGIlurRI1iSas9-Zq6RbTYOZ9ySmGmG8hcXMY3hQ&google_hm=ShealDLwvc9e-AMOzKGqyA
Request Chain 142
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cejh483Y_I3Sl4lT1pMaR2w33o2t0Kd5AQw&google_gid=CAESEKnAjWFUeiMpEoDn1xeH6lU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cejh483Y_I3Sl4lT1pMaR2w33o2t0Kd5AQw&google_gid=CAESEKnAjWFUeiMpEoDn1xeH6lU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDcxNDA4NTMwMDAzOTU5NTk1ODE5OQ%3D%3D&google_push=ARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cejh483Y_I3Sl4lT1pMaR2w33o2t0Kd5AQw
Request Chain 145
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGygH6wIpZ_n3BRr4sU-1nk&google_cver=1&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnpBPDvwSnIPa1xYI6Hdps8ytAbT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2N0ktMVMtSktSRA==&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnpBPDvwSnIPa1xYI6Hdps8ytAbT
Request Chain 146
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_cver=1&google_push=ARnp8GDZkQYTicWXW2qeylyRtfC2_dIPqMXfAVkI5ygyCguuAcm_l55f1pt8c6RCbxFJss6zxvtSDO6HRq6mJfkGQCPiqxPvgyWLLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDZkQYTicWXW2qeylyRtfC2_dIPqMXfAVkI5ygyCguuAcm_l55f1pt8c6RCbxFJss6zxvtSDO6HRq6mJfkGQCPiqxPvgyWLLQ
Request Chain 173
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKmln4H65vgCFZOMdwod3k0Orw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55287cc0-fdfe-11ec-aa12-2231088bd649
Request Chain 178
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=55134710-fdfe-11ec-b9b9-223765e4ceee&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_55134710-fdfe-11ec-b9b9-223765e4ceee&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 182
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55132000-fdfe-11ec-a709-2234153bf6e9
Request Chain 187
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=5512f8f3-fdfe-11ec-a709-2234153bf6e9&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_5512f8f3-fdfe-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=

192 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.proxysite.com/
Redirect Chain
  • http://proxysite.com/
  • https://www.proxysite.com/
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e4b65732f3f356186b2ab40482f562bd55177f2ca54db8cf9b3701549fd6ab80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, max-age=0
content-encoding
gzip
content-length
4242
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:49 GMT
expires
Thu, 07 Jul 2022 14:08:49 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Length
234
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 07 Jul 2022 14:08:49 GMT
Expires
Thu, 07 Jul 2022 14:08:49 GMT
Location
https://www.proxysite.com/
Server
Apache
96f631f.css
www.proxysite.com/css/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/css/96f631f.css?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:12 GMT
server
Apache
etag
"97e6-58465952eb312-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7817
expires
Sat, 06 Aug 2022 14:08:50 GMT
logo.png
www.proxysite.com/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/logo.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"cd8-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3288
expires
Sat, 06 Aug 2022 14:08:50 GMT
privacy.png
www.proxysite.com/assets/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/privacy.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1dbc-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7612
expires
Sat, 06 Aug 2022 14:08:50 GMT
speed.png
www.proxysite.com/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/speed.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"158b-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5515
expires
Sat, 06 Aug 2022 14:08:50 GMT
magnifying.png
www.proxysite.com/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/magnifying.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"2690-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9872
expires
Sat, 06 Aug 2022 14:08:50 GMT
computer.png
www.proxysite.com/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/computer.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1b25-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6949
expires
Sat, 06 Aug 2022 14:08:50 GMT
magnifying2.png
www.proxysite.com/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/magnifying2.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1b58-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7000
expires
Sat, 06 Aug 2022 14:08:50 GMT
logo-footer.png
www.proxysite.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/logo-footer.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"7b4-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1972
expires
Sat, 06 Aug 2022 14:08:50 GMT
jquery.js
www.proxysite.com/assets/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/js/jquery.js?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:12 GMT
server
Apache
etag
"17b8b-58465952b0993-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33760
expires
Sat, 06 Aug 2022 14:08:50 GMT
65f94d5.js
www.proxysite.com/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/js/65f94d5.js?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:13 GMT
server
Apache
etag
"9a33-5846595353af1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9611
expires
Sat, 06 Aug 2022 14:08:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3081adf195cf5ef4d21b77a728ed0b56e4ba08b81af7a10a5fc14dd7ce662ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56386
x-xss-protection
0
server
cafe
etag
3939794170877524714
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 14:08:50 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 07 Jul 2022 14:08:50 GMT
Content-Encoding
gzip
Age
1372
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (frb/668D)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
bg.png
www.proxysite.com/assets/images/ 		236 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/bg.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"ec-5846594186131"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
236
expires
Sat, 06 Aug 2022 14:08:50 GMT
raleway.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f

Request headers

Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3ab8-5846594186131"
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15032
expires
Sat, 06 Aug 2022 14:08:50 GMT
raleway-semibold.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-semibold.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a

Request headers

Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3b18-5846594186131"
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15128
expires
Sat, 06 Aug 2022 14:08:50 GMT
icomoon.ttf
www.proxysite.com/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/icomoon.ttf?-p3bna1
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1

Request headers

Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"a7c-5846594185191"
content-type
application/font-sfnt
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2684
expires
Sat, 06 Aug 2022 14:08:50 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80fc816d329adc725822f71706a74b14d9823a93ad9ec34813ff1877e3720e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0311b0chonIAH4iU09LAdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
7TgJM9UmkcnHTfxkkdIyGx8RPRD3lBhVeQ7kNu7kxLax02yO+VDbjr0jhNq3X3YRTZDKajlvz8Zf3Uq+KvXxSQ==
x-fb-trip-id
917726464
x-fb-content-md5
934deac80359a3be41451b08d73c161d
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 07 Jul 2022 14:08:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5aca41b786aaeeb2b50562e8e873c71d"
timing-allow-origin
*
expires
Thu, 07 Jul 2022 14:27:18 GMT
raleway-light.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-light.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93

Request headers

Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3a6c-5846594186131"
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14956
expires
Sat, 06 Aug 2022 14:08:50 GMT
raleway-bold.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-bold.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.241.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-241-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7

Request headers

Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3aa0-5846594186131"
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15008
expires
Sat, 06 Aug 2022 14:08:50 GMT
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c5c31db948045979aa8b662181384041
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
926fd2d1b351b9d31a60a6574b4a1511d14ae879ae8bdc54dd5fedacc9570c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.proxysite.com/
Origin
https://www.proxysite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CkYlytEt1e8HlZ8+8wPqeQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85936
x-fb-rlafr
0
x-fb-debug
XIDwMCYVfVSQb2nEhUe9Qkk2W5tSZYovNw7eblZuY4pLqHWlklMkAr0wJ4t2Ajn7pPOYsOH56JMx/uDRQvIAXQ==
x-fb-content-md5
097da437eba8f28fabb26448f2091de1
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 07 Jul 2022 14:08:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2386cb74248c2ad81b78f308fe70f716"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Jul 2023 11:14:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3841
date
Thu, 07 Jul 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 07 Jul 2022 15:04:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/ Frame F5F6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Jul 2022 21:11:42 GMT
etag
10429905676100781186
expires
Wed, 20 Jul 2022 21:11:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame F744 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.proxysite.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
148463
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Jul 2022 14:08:50 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67AA)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
like.php
www.facebook.com/v2.5/plugins/ Frame D42F 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df499ffed8469ac%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff6cb47873aa66%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false&width=80
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c5c31db948045979aa8b662181384041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 14:08:50 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
VVVqsy7lp7LA1bLcvqjyON9kH+9kgm39teXPPApa8801lFh1fLLERhu8EBZsdwmMp8kcdsg/jUr8SpQ25um25Q==
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 		339 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2592a03b65ea03708474b9ea74d6ad3738c124df64d49b6113584fde7f409417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122423
x-xss-protection
0
server
cafe
etag
18266540604079000143
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 14:08:50 GMT
settings
syndication.twitter.com/ Frame F744 		580 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=8fa3160ffe9638bfd66e7493982bc6a56d1a0bf0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
163
date
Thu, 07 Jul 2022 14:08:49 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 14:08:50 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8cbca41a05c7abc679b0e3e0ac4218b7e624a8dd6aeaade3bf83af2c8c2bb426
content-length
260
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1733055402&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proxysite.com%2F&ul=en-us&de=UTF-8&dt=ProxySite.com%20-%20Free%20Web%20Proxy%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=727934552&gjid=1197185558&cid=1563271077.1657202931&tid=UA-45368124-2&_gid=1878065122.1657202931&_r=1&_slc=1&z=713603330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.proxysite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.proxysite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.proxysite.com&callback=_gfp_s_&client=ca-pub-5271052033776811
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65cff811cf09928d7c655e645ec2d4b0ec419c3efe8f3e67b2274cbdb1cff3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 775A 		86 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f6c4c1e5cfc802183bfa6a9205918264a13610ad7c46d0788f621208a77dbdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31462
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A681 		89 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d03e8582123f0fd996145ca75566a3f83c73a527929261d359fc22acf7c8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31376
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8087 		430 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1657202930&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930553&bpp=1&bdt=516&idt=177&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VeUfCntcRH&p=https%3A//www.proxysite.com&dtd=179
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31da1ef6d67a2179c50ce61552e08325b58446e7e190ce4601fb28243bd4b1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:50 GMT
expires
Thu, 07 Jul 2022 14:08:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9F2 		140 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1657202930&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930554&bpp=1&bdt=518&idt=182&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a650b721fc7bf646922ffccb4845b24c8c3711cc779f028ffddb570b37cb0412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
45320
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
button.06b07097969b3b070809511391362bf4.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.06b07097969b3b070809511391362bf4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
eee9168df7a4a7233767630663c79810369a4153a859ad69619dc485688857fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 07 Jul 2022 14:08:50 GMT
Content-Encoding
gzip
Age
148464
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2358
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:01:33 GMT
Server
ECS (frb/668D)
Etag
"e16eea3c764138a15e7eea1bf8c0f316+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.en.html
platform.twitter.com/widgets/ Frame FA79 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
0a5ef09b251158639e50d9c0407ac9769b06fd4ae042cc8f4fb6d89b3792b410

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
148463
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12241
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Jul 2022 14:08:50 GMT
Etag
"be55e246c3f70e27d24ab05d24e53091+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:36 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/ 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.proxysite.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1657202930853%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8fa3160ffe9638bfd66e7493982bc6a56d1a0bf0
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
172
pragma
no-cache
last-modified
Thu, 07 Jul 2022 14:08:50 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
8cbca41a05c7abc679b0e3e0ac4218b7e624a8dd6aeaade3bf83af2c8c2bb426
x-transaction
a2a72eb28796e3c7
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/ Frame FA79 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame A681 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 12:54:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 14:08:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Jul 2022 14:08:51 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6af7487fdbfe887dafc3eb9edda214d319e05d4608012986895f07d0a42de38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54361
x-xss-protection
0
server
cafe
etag
11822694137219195543
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 14:08:51 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A817 		83 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa0fb5070a18a9e17126cf2187b0cfe9557e613d4433d193c97fe73eeab3e68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31149
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6319 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f7e8e4853d3475b0d1648b7a8e5bcb33fcbb512996490d6440be5d6bb7cfab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12328
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B3DB 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b30b67c6585347a5baa691d7675574154fde7bacd8f3686969ad5f3211f7d743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expires
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A681 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 13:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 13:59:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbPL-8ujGYuPJMKmXxdwPnY-AmAiasa-yUbSE_9zcCM-qqbrLCBABIIHzkylglYKAgLAHoAH0zuOVA8gBCakCQU5zZwkZsT6oAwHIA8sEqgTIAU_Q69dcE5CDcb-NbcyDCp7gNol96yeZdNOkZmjXWCgarMa19P043xjGHzpNeCMV3JKDEu4_zd6QiKYf4dzAJjUVUSnqbQpPdEKhH7yqdXX0pKvowgnale2sdqYoIMYb5bGRIqcQTviDxCRXsP8U-ux0NjO8owflABY25nWOi3BT71_2Kr2sntvuvsvrvjDLtV95LAxbyDT-5Ns8kykZkorKIrNdbPgfhDG4opvjPvBdnmg5iwuoPDGvBV2ZbziQVPnzSasasCp1wATPxeLErQGSBQQIBBgBkgUECAUYBKAGLoAH9LCcaqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELiDCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIJ9gTDYgUBdAVAYAXAbIXHAoaCAASFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=CaLeLPIju80&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 07 Jul 2022 14:08:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame A681 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A681 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A681 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A681 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:05:31 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame A681 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 13:16:52 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/980523926256175915/ Frame A681 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/980523926256175915/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2d54b29edf4ad85b9d2604f7e7e245f7779e5e5763f7dfb86da7cb02dfa597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 06:37:05 GMT
x-content-type-options
nosniff
age
113506
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18757
x-xss-protection
0
last-modified
Wed, 20 Mar 2019 10:13:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Jul 2023 06:37:05 GMT
truncated
/ Frame A681 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A681 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/ Frame D81D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 11:01:07 GMT
etag
10429905676100781186
expires
Thu, 21 Jul 2022 11:01:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/ Frame AE09 		173 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c247b6f637585f48c997f4dffc18b51c53d3765361f4ce8396140e49bd03b8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80609
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
39554
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Jul 2022 15:45:22 GMT
expires
Thu, 06 Jul 2023 15:45:22 GMT
last-modified
Fri, 18 Feb 2022 15:31:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame D81D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6AUc8ujGYs71L4zEzAbuzq7gAvLe2ZFopq_A4cIPlKSg3KsJEAEggfOTKWCVgoCAsAegAbm3kbAoyAEJqQJBTnNnCRmxPqgDAcgDSKoE3QFP0EU1SPmcKuHvPFI69J86si86JkmFnMztAk0Qm_lZX1q2jw6xak04M-zvf9T6CZz4HMMSQYdHVA3k99OWPM9F8nl0wHtlDMSiwZ-oT_6ACldIgtXTraqnyA_-RC1eyEPCKD9tSFBy0oGTW6PZtQdFwBNdxKfDumyKQMp9EY_6Y_TM0rGCu9VITK--0shXoXFM2mdSFhaVIRF3zVXjIlSG-MILqETwop1JUst_xvvgycBJbQkobtyuRXiDC_9debjB0rzCnZHOIhLCtM8StAdU-ckgAcaWqXwrd4Xg58AEt5T4-fgDkgUECAQYAZIFBAgFGASgBi6AB7nv4Y8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6LEC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=ZK0dUYjHk6E&uach_m=[UACH]&template_id=419
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame D81D 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:53 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 775A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 16:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 30 Sep 2022 16:51:29 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame 775A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 14:43:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 02:13:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 14:43:27 GMT
css
fonts.googleapis.com/ Frame 775A 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 12:53:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 14:08:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Jul 2022 14:08:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 775A 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 13:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 13:59:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame 775A 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 775A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 775A 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 775A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:09 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 775A 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 13:16:52 GMT
truncated
/ Frame A681 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66e5c5a7c99039620f227bcbec1debee6828015f5c65ada20ce6853aee22df16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A681 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:36:54 GMT
x-content-type-options
nosniff
age
63117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 20:36:54 GMT
css
fonts.googleapis.com/ Frame AE09 		3 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans:regular,700,800
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24fcdb43e6e673475dfc369de95726b7fb6a001c6ce89253e2bd584978dbe8d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 13:54:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 14:08:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Jul 2022 14:08:51 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AE09 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 07 Jul 2022 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AE09 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 16:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 07 Jul 2022 16:13:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C62A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcIQ98-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoEwgFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2aTN4LPpHGJNaEZ7WgPOFFVTrmt3H7wjOcroZTYTDd9FOdCFr41SoAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=04g4bv4nhc0&uach_m=[UACH]&cid=CAQSPACNIrLMolDABE4eZiIOcmiN0_LZ90Tt4k7aPIEzC3W1CpeXYjCQYHge3_UUb9BQXV-aD5jG9j6_FJSbcRgB
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame C62A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j8rqhh5j40kxnd09sf54abzr7ysjsvmt6pmz932q8m4nvcv59vwyway65jjres3xztqvfema5mk2zpn38wbcr3mywg1fkz0v0cx6wvgjg82v77ab4gfw4eeb6497yxhgebj3q0s14f33qkd6qvr9f414r64rz9mxcgn7t3n3vznwcar5ghxxe052vxw17r7t3y6x6fxdjjhvv03bvakqcxytegt3rkd0sw4y58yjg0gcyb6d9kvvfsxt6bx3yfr9kzjmhfr6phd49wdmfskpd1txvj9qygf8wgs4abshh68zdp2cffaqwsxeeq5vhezg29ab60qnkva84zpy4pxd89abx0scxnwkvtc0h0cfqvmqvs99th2ht6kxq2mm6gktkyq7eayb5s5zkptt7efb3r&b=Ysbo8wAEdAwKsofJAAKPldIZxHfrogCcd4O8Wg
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D343 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86c81c2043c31b8ed451b457a5a1812ee0988efaa9d5bc580cb0cdc8124996
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
72712792baf19295-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame C62A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27D5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 08 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C62A 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame C62A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:09 GMT
l
www.google.com/ads/measurement/ Frame C62A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhVGEP5bUhF8sIG6jy_2QNSwSF2CUwuy8VZTCnpOZ2gZLeNekaKKf3_2cB4Fr07rgrqos0_gXmmS5GiJxFN8otWo0J4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 1DC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CP_Fe8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoEwgFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8jmfKfgQz_sC3_bIA_fyrMILqD5ahkQpAXcd-gAiFtX2mYlA09hi4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=9AmiJVxOA-w&uach_m=[UACH]&cid=CAQSPACNIrLMIVtg2ksF7oUvHV42W5Qblz7jLlbfVdLgBl1ahI4kcAF732HBEyAS_bv-nwJTxUPEpQF8Bus99hgB
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1DC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jzg1hgsqz2cdj0011j4e3ba54dzry2eav1fs65ywskcxcn3f8c58csrx30rt6504bdddb57tvqcgd5y8zjz0t60bq7dcpr1exg36ezf92erejzwjzhne6ar9akz5epq3smbbmktqw02t9ah1f3takaf2pre08zf28gp7yxsjy9tfdvjggb1hfph8arftkcjcmeaj3crg3czhm0zwb89xapryg3c48265vyj3drw8n8m70vmgqwqmykt7ftx9a0q1zcv1qsjdhm71w5cw119f08hhvss64zrne6hx7wstv8jfjn6s0zes4sg7gh4kj5270ak4ahsv86y1v9dag8dwnt1czttt0v3ag8t3qers77rbvkp66qygf9b6v82d05sqtpstbhwa82gh341vgy5eer&b=Ysbo8wAEiSYKstQQAAPTSAvmcR6pwal9OagQrw
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 957B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251bae2dda07c3fb4876e8664487449f55cdb49dc196fb27923b9b5bbfa92006
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
72712792baf29295-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 1DC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3A17 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 08 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 1DC4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:09 GMT
l
www.google.com/ads/measurement/ Frame 1DC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9A-yuRU1TuWtHjMcUwmJ3jWVDF9hqojbjc9P_ktIGCmX95zFEQfvRVKdkxQPhDJbBex1ull6PmXQPh0DKEMcZ_9bJBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DC4 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
css
fonts.googleapis.com/ Frame A817 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 12:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 14:08:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Jul 2022 14:08:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A817 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 13:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 13:59:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame A817 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A817 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A817 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43254
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657132091081416"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame A817 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:09 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame A817 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 13:16:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 775A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWGC08ujGYuraL8H1zQaY2baAA5qxr7JRtIT_3NwIz6qpussIEAEggfOTKWCVgoCAsAegAfTO45UDyAEBqQJBTnNnCRmxPqgDAcgDywSqBMUBT9BuYLs_0jKgmG03TYAHcbLi_nhiWPhq6H4x_cqDWuR95j0UoMIQFw4GpuoGFphz_APXHDjgd4-qcHrlHObkwACMKjR-wkr7ofHe1zlXXLg-DsHq55Bwhgvq9aDuEEOHotdTjjufZF01mHVvkwLGjTLkVTOoYaImN9zuQ62gVWXh3YSpOfu0EHEi1otSC2SJZgrEZYKz2QrFoHl2MpmFB9n-Y1ZkcveK4iMKzNXOci8x1exm4mlgTp5hcBIRVBxDTYKQI03ABM_F4sStAZIFBAgEGAGSBQQIBRgEgAf0sJxqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi-cO0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAXQFQGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=TPXrC2XBVh0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 622F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 775A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
076f7f50cb3fda0239e1f3f0d56e36607f4f869bb77f2e0e36b16512a19feeee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4FB7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame D81D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D81D 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A817 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CabQ98-jGYpvhEc3cygW49ZSgDpqxr7JRtIT_3NwIz6qpussIEAEggfOTKWCVgoCAsAegAfTO45UDyAEJqQJBTnNnCRmxPqgDAcgDywSqBM8BT9AG17Iv1lT6qHon3QE8gRyMCRf_OJCCAnlQInp1z7druKUundPtTzcZg0WCAYTJ0HA39wfke3IVex6g4Ea65_1g5haiRxsFCw4JUFng2zC4dhHLcMdPP_OyL08h4OanHtwbWxDRCSAidDvxpnMXyJhzUMvg7jN1CXWJgMhfSrIvFUVqZYhSEL7qTSt8SlBy6c6mnzIOx_kDHQqqD3atbpvyx8y2zfMnoIjo7Hb19CTHmjij1MPimeLIlK5ni2tqzafrSagrXfDY6qZTJAh9wATPxeLErQGSBQQIBBgBkgUECAUYBKAGLoAH9LCcaqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOrZA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUBdAVAYAXAbIXHAoaCAASFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=CThx1TT9k2o&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/980523926256175915/ Frame A817 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/980523926256175915/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1ea5aadac55d00ba5d873f8eed0b989415749da7a8a37ae00c4a2ac09827f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:53:28 GMT
x-content-type-options
nosniff
age
130523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10311
x-xss-protection
0
last-modified
Wed, 20 Mar 2019 10:13:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Jul 2023 01:53:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2236444779911946350/ Frame A817 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2236444779911946350/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476a07e1375c2e66ddcb5f5cf7734dc4cfaf1227b6948fff6c8140169bf07675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 11:20:48 GMT
x-content-type-options
nosniff
age
10083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4073
x-xss-protection
0
last-modified
Wed, 20 Mar 2019 10:13:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 07 Jul 2023 11:20:48 GMT
aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
pagead2.googlesyndication.com/bg/ Frame 961E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930552&bpp=1&bdt=515&idt=172&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IQj7CrkONo&p=https%3A//www.proxysite.com&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 21:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 21:21:30 GMT
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame D343 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1134668
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
72712793eb18bb8f-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame D343 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6712
x-guploader-uploadid
ADPycduV9OVPTOEY_VwxXxfyIrqxVgn3dqiFMz7kUXsBmUezo_0C-AxkWu9YhtySJxu6twXVjjtNeygPt3KJ2LxvZhIy5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 12:16:17 GMT
server
cloudflare
etag
W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTUBEHuJ%2FNLGNfuNivYIncRUAnDURNihBbnVEq%2BMBBsO8U8nK4HUS4146ckCds%2B3s4snyU93bUGhUmlkOy74O2LAcMDPLFq0IZuWs8ER5iuQkZ1dYfN%2BpWSxefA%2B7QTccMAUrDQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654863377140818
content-type
application/javascript; charset=utf-8
expires
Thu, 07 Jul 2022 12:16:59 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11896
cf-ray
72712793dd189295-FRA
cf-bgj
minify
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 957B 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1134668
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
72712793eb12bb8f-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 957B 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date
Thu, 07 Jul 2022 14:08:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6712
x-guploader-uploadid
ADPycduV9OVPTOEY_VwxXxfyIrqxVgn3dqiFMz7kUXsBmUezo_0C-AxkWu9YhtySJxu6twXVjjtNeygPt3KJ2LxvZhIy5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 12:16:17 GMT
server
cloudflare
etag
W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3pKKdWcYuhy1zd2DAHW8k5wRgNf0lIJBnVUsFUn9wVQPLlgjheNO5v3RiQfcs5034o7U0crhVriIUI3iMPsy7SWdvUaNrTXPl8%2BXwex9dt6B1IL1pq%2FOiMRQSIUYwcJf7ndkjo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654863377140818
content-type
application/javascript; charset=utf-8
expires
Thu, 07 Jul 2022 12:16:59 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11896
cf-ray
72712793dd159295-FRA
cf-bgj
minify
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 89B0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 08 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 775A 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:36:54 GMT
x-content-type-options
nosniff
age
63117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 20:36:54 GMT
truncated
/ Frame A817 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f69a09e0f72bdecd70c4c29c1bb2ad51a9ef758219a896aac06b1df2a92369f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v14/ Frame AE09 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesans/v14/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:regular,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d383f6c4fd9e49453e370aa4eb03df2ff81d4524d4a6045be1220476046dfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 23:55:08 GMT
x-content-type-options
nosniff
age
569623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26176
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:07:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 23:55:08 GMT
truncated
/ Frame C62A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3617397524f589185dee7c6acd111e89bc8f9cd0fb56b07e0f5eef851b44444e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 27D5 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGkM7ZZIhmC8_lgH085ZjOk&google_cver=1&google_push=ARnp8GCBjwYC9gi9G2oQ3RCOVIm3Suieg1AHhX-NsppBy1dknvqpUJTmq_lwWXKJCmoGRwXX26oDsVMhoPUfcy_Ww3GEZN-_PLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27D5
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6O...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNibzlBQUFCWi1kb0U1NA&google_push=ARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6OiKVOI3wsQdifbVnZ84S1HcPLx_4urubhkegeAekC1EUZaVH10CRyC9TI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNibzlBQUFCWi1kb0U1NA&google_push=ARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6OiKVOI3wsQdifbVnZ84S1HcPLx_4urubhkegeAekC1EUZaVH10CRyC9TI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNibzlBQUFCWi1kb0U1NA&google_push=ARnp8GAXBu7_X9RDes08Nyx16K93a5Qkf0xTEglWT6OiKVOI3wsQdifbVnZ84S1HcPLx_4urubhkegeAekC1EUZaVH10CRyC9TI
Date
Thu, 07 Jul 2022 14:08:52 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame 27D5 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJYd_aRBlABMTtzauHQUY-M&google_push=ARnp8GA1Rgj28KDX1Zx7OFJXAPUN1MOz9bSTkDnZsk7z2xJTjq_4IDLS2Y4W1rhCMhccB1HSp9xCNeaJrOFVN-QnRK9YrL2Ef_8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 27D5 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDrj3SIlsHO7K90eTfIPSg8&google_cver=1&google_push=ARnp8GDPta-ImvsgO3qARPzuzsNXySa0CNLomigCv6cpOLcPYA-N0mHYgt81-Q7augBdseLphfvRZ8t77yYknITbId_rtYr_Bsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bdkp35kkb31pdleoigdel7scks5qvaaq
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 27D5 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGpJRH5EQKOKMAFQ1bMlv-8&google_cver=1&google_push=ARnp8GDUdBTc2DCNuqqr_pmKVaYVgfLIMlc3LQ7m37LvWc89ygkd3v3CMOA2vkwZk-KIF4s0ou8-WocXBFhi-KGScmK39xHHmj8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 27D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDIIA_TeSdn9XvRmsurFj6c&google_cver=1&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUEtRS1NNFVS&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWkTJUgdQWFuoCJTih4UVIi_TfM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUEtRS1NNFVS&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWkTJUgdQWFuoCJTih4UVIi_TfM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUEtRS1NNFVS&google_push=ARnp8GB-c12o4UAbUXMNGh4AN2MAvuotmuLpL0Swqh7dwsZeURxk3TVPQhfnyoz7xBm5udwRjWkTJUgdQWFuoCJTih4UVIi_TfM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 27D5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk3LEymwP_wGZfM-HMRGAWX4v5_bDifB-0fsM19jZoIB8dMuGZvZY_2EkWDERjx0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXLOVpGpxs4y%2BBWAJ%2B0wTMMIM8Gpz9jt4YOhUXOiipJDI%2BCyoxlscgnhh1IDGYf5fMkL26cTGOfAnzACiTN6frjzOr%2ByQ37lYHSqFYR7lhYWSO6vxdAN%2FEBlM%2BtgkblAjxSZJ%2Byu7JMR6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBGgxqBE0jsqCA8D7t3R6u8&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDl55dgT9YcvkhHHgEpM6Ydp8U-6ZPKk3LEymwP_wGZfM-HMRGAWX4v5_bDifB-0fsM19jZoIB8dMuGZvZY_2EkWDERjx0
cache-control
no-cache
cf-ray
72712797dda39113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 27D5 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig68cSSpF1Bogw01DubgfxkfK3LxF616EeKEus-Lfd75s6RtwX7IZ9ZNFw630ZiHLlRFjU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2192318161&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1190&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Zw77kfHrhI&p=https%3A//www.proxysite.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 3A17 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEybUtvqJGqyH5fW-A-Wd2A&google_cver=1&google_push=ARnp8GCR9X2KPQJv8VRSlYKcBYlpc0ce0bXBCxMslqUd3ve4h56q-fawpjODYXE3yOvGEhBYEZ74XWqkJRsR9bGUNIOQcbWCr7Hz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3A17
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPUCUyKqBK3TO49ft-qAI1w&google_cver=1&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU&google_hm=Q0FFU0VQVUNVeUtxQkszV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU&google_hm=Q0FFU0VQVUNVeUtxQkszVE80OWZ0LXFBSTF3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAQcRYw1ic5UsvNBhKGVzOlvPcKKddCSjXEGbiiyHFZ0-6n1eyUZsiEYD55VCfNVY0X7pJCVT4JUESGP9FHTSaQ3U6Hl2vU&google_hm=Q0FFU0VQVUNVeUtxQkszVE80OWZ0LXFBSTF3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 3A17 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMCTcO4jeQhkAuvmDmtvKD4&google_cver=1&google_push=ARnp8GC_U43H17waZMYTeSKt_Rg-1qrxvHSM-KlKapWLRCkk7zK3iRo7quaz2BcT2eejxOYjXQVWvb6NiVoq-Z_j1sqtt7mHOzM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
eb596mc9f6h75kjlec4dmc0pdt9tsgv4
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3A17 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFPS6qt3BArzpt-ONSmZ_ss&google_cver=1&google_push=ARnp8GDALIZ4XxBol4gXC-ieFRuVC-orIfr30FHRMeNdLcNFjzMczXEnLeTdfFcrwaUqc7aJDNEgY_I8JKuCSB03uj9NgFEqffJB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3A17
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpSDI8S6Hx0Kt_X9fZnzpA&google_cver=1&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCatt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUstMjMtTFczUg==&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCattgcmsanscBF2k7Jhy7ADV9AnU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUstMjMtTFczUg==&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCattgcmsanscBF2k7Jhy7ADV9AnU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2MUstMjMtTFczUg==&google_push=ARnp8GCDtlKKAIYJd8WppdKA98z34AJWRKW-SyiB5F1n-v0jaE-0Fl--M8fvBLAo__K4phZCattgcmsanscBF2k7Jhy7ADV9AnU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3A17
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6MNM0-G_amDHRPWbSKMh8fx1tWp9TtYZBUHJIz1FUbz_Uz3rupT03CHRoi4Uv_SI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgfG%2FNFfrd5mNjUqlfm%2FMe2dDhPS0zI%2BWXwoArDBNokMGsf69rJBavKhsOffWuYjxn2YJm7X7p1L8NJQbs%2Bn35QlrxzKbFnqPS14Uc7UwHWQWF3qZSsy9KhC%2BPMaq79Sny6YCnZmW1PImQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMK6XxkLOoGzdBLVFjjzZyo&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GBQPvojoaHq-BEH6NxIaBZjInLyA4pK6MNM0-G_amDHRPWbSKMh8fx1tWp9TtYZBUHJIz1FUbz_Uz3rupT03CHRoi4Uv_SI
cache-control
no-cache
cf-ray
72712797dda79113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 3A17 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESENHisnw2-8u09jVWh7WHVAs&google_cver=1&google_push=ARnp8GBNPIOpmzUI_y13WfhBdQ-U9WeHsZb5ARvSaEX87rhFdkDnE8aATrALBRLgLISFeRpyFwppcPcnLCBYnSaelBcgvE46-NYF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3A17 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KW6JSl7auMWKL9wIKml_7eJLAL4Kf1FmGB7kPhCM0QFM0Sf8Phixuzu8jjxRPFipzw70SV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=1&bdt=1189&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=mkCQZ7QQVT&p=https%3A//www.proxysite.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1DC4 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
485739e64dd8d65f9c5ae07ec349d5a45d1ff1b23450e245c1fde9b5a8867737

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A817 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 16:39:45 GMT
x-content-type-options
nosniff
age
250146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 16:39:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A817 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:45:42 GMT
x-content-type-options
nosniff
age
192189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 08:45:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A817 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
241256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 19:07:55 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 622F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:52 GMT
expires
Thu, 07 Jul 2022 14:08:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame D81D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 14:03:09 GMT
Logo_728x90.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/ Frame AE09 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/Logo_728x90.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c1ee6bade5daa697962b3d9c12b62f197003d7093caddc7f5ca8d0ec64a1e26
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
99333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3513
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 15:31:20 GMT
server
sffe
date
Wed, 06 Jul 2022 10:33:19 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Jul 2023 10:33:19 GMT
truncated
/ Frame AE09 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4689cff9e3ea83694dae88d3808ea6c071573aee744628a0c40394ad1f01613f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4FB7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:52 GMT
expires
Thu, 07 Jul 2022 14:08:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Jul 2022 14:08:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
pagead2.googlesyndication.com/bg/ Frame D515 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1657202930&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202930547&bpp=5&bdt=510&idt=147&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&correlator=767338632492&frm=20&pv=2&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QPaQko0GAU&p=https%3A//www.proxysite.com&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 21:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 21:21:30 GMT
pixel
cm.g.doubleclick.net/ Frame 89B0
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE9dTIEUUDKxQXbWJB3nvNE&google_cver=1&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1f...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1fAvQmoGIlurRI1iSas9-Zq6RbTYOZ9ySmGmG8hcXMY3hQ&google_hm=ShealDLwvc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1fAvQmoGIlurRI1iSas9-Zq6RbTYOZ9ySmGmG8hcXMY3hQ&google_hm=ShealDLwvc9e-AMOzKGqyA
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAJpBIsw1dQi4Cm6REar1C5dsz3YC6hCx6Y7zFCwpWSLm7vtVEk1fAvQmoGIlurRI1iSas9-Zq6RbTYOZ9ySmGmG8hcXMY3hQ&google_hm=ShealDLwvc9e-AMOzKGqyA
pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89B0
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC6a_f8...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC6a_f8...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDcxNDA4NTMwMDAzOTU5NTk1ODE5OQ%3D%3D&google_push=ARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cej...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDcxNDA4NTMwMDAzOTU5NTk1ODE5OQ%3D%3D&google_push=ARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cejh483Y_I3Sl4lT1pMaR2w33o2t0Kd5AQw
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDcxNDA4NTMwMDAzOTU5NTk1ODE5OQ%3D%3D&google_push=ARnp8GC6a_f87S6lePvsPVzSwg60eSv8O8Ny4GmZjcM6PVKgp2pxDUGC5QvSsonnjZ4Cejh483Y_I3Sl4lT1pMaR2w33o2t0Kd5AQw
pragma
no-cache
date
Thu, 07 Jul 2022 14:08:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 07 Jul 2022 14:08:53 GMT
dds
rtb.openx.net/sync/ Frame 89B0 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEABlU5YdVondnmNqHbluFdk&google_cver=1&google_push=ARnp8GAay5i-Vcdpl6MQafWq5oLfrCuu_wPJFiWy2NfdMh7ghUmYi7wZTmOlsr68c6GNnW4U3yDj8784e0zQ81zztjAMpqEmwCqHvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
s42du5207p3uer3llvh3nvf4t9uf2s7d
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 89B0 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHrjT3Qjf4ngmsWXB-r6tUQ&google_cver=1&google_push=ARnp8GCJFgejsH-EeZloBvJJbRyPsGDfzsJhGXIgiqwFBapDpGwWPswuBX3Ub0MpcfJxVNyZ8PAYxwg2CFKN5pNEWz8xVz9BFhYu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 89B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGygH6wIpZ_n3BRr4sU-1nk&google_cver=1&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2N0ktMVMtSktSRA==&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnpBPDvwSnIPa1xYI6Hdps8ytAbT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2N0ktMVMtSktSRA==&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnpBPDvwSnIPa1xYI6Hdps8ytAbT
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCM1U2N0ktMVMtSktSRA==&google_push=ARnp8GCj-YE2OX0KkM-tsT4aMGtj6S3jdgluuYLmDJzVo9JcibxUJ1UmXKs8bVBS4GQJWbREjnpBPDvwSnIPa1xYI6Hdps8ytAbT
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 89B0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDZkQYTicWXW2qeylyRtfC2_dIPqMXfA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDZkQYTicWXW2qeylyRtfC2_dIPqMXfAVkI5ygyCguuAcm_l55f1pt8c6RCbxFJss6zxvtSDO6HRq6mJfkGQCPiqxPvgyWLLQ
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUrBZFpcGxBOTuXE3Toflga%2F7y4qUL9TE3fOLgYLfamKVxjehoHLuFf%2BTA3QamkAGgAsdtb%2BxENv5yT4eONcIORecq81kSJYLPl9mJRbl%2Bp%2F96Yx4GZC7tlewxHPJVV2tmtg0Dzq7U4gLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBeiGlKN2suIOuV4yU5yq2g&google_hm=Ysbo8xycrhrfaewijExzXgAABKsAAAIB&google_nid=index&google_push=ARnp8GDZkQYTicWXW2qeylyRtfC2_dIPqMXfAVkI5ygyCguuAcm_l55f1pt8c6RCbxFJss6zxvtSDO6HRq6mJfkGQCPiqxPvgyWLLQ
cache-control
no-cache
cf-ray
727127982dfc9113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 89B0 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFT4ku1T9ckGBJm0hKY99yw&google_cver=1&google_push=ARnp8GCMgQuAYIKR3PetIGUtWY9SChjPPV2W92NIN5pvX31Ug9OLWNXw6cgEPoZjfD4j5CATdspzJuZyI9KnK7Y04BESNCE12EqsnQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 89B0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoprrTL5P9wj3TVu_2ixzR_6RsCsiMV5LFTLBCHu7sq8omXAJwf_MO13kiPZQIRABZNmsf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 957B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 07 Jul 2022 14:08:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14099428
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrlDn0x%2BxmSsIBVHbZ%2Bdkjm4ufGkfLLBpFEnRccatjXsJeCMzFH%2B8r81%2BWB%2BVDttKQ5d7uNSi0s5wyxR72Dptm5ePeoxL%2F0rbCXrUDnopgdQrf0c4kUW3GCv5Awx3kCRK12fOesnWAk7W5xXx%2FUYxwwL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
727127993a9f91f9-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D343 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 07 Jul 2022 14:08:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14099428
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2JAIO%2FwNPG4fjAmVtvmBQjmgVekQPQy%2BF0sT8PZjamXKdL0suTCHyCmH2xb0gW8jNDrWUyYnMPz1TZNZY16oRN%2F3%2FIkTwcioiFnqGx%2BJOHSePMXZOF6NzzHe92O%2Fan13ZZLqrTduuQI%2FlvON8iECoib"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
727127993aa191f9-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
pagead2.googlesyndication.com/bg/ Frame 9BCE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657202931&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657202931226&bpp=2&bdt=1189&idt=-M&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbcba868bae8564c2-22c8ce127ad30037%3AT%3D1657202930%3ART%3D1657202930%3AS%3DALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=767338632492&frm=20&pv=1&ga_vid=1563271077.1657202931&ga_sid=1657202931&ga_hid=1733055402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31068226%2C42531605%2C42531608%2C31062930&oid=2&pvsid=2742935723686316&tmod=1638959180&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QRdM0SWkle&p=https%3A//www.proxysite.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 21:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 21:21:30 GMT
frame.html
ad4m.at/ Frame CD89 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
716130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
727127992d4cbb8f-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 14:08:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 07 Jul 2022 15:08:52 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BayRIbw0QJZfbOVZFdMu%2FlyO6wwZOYvBTgvwg87NSg2kFx3dc40B9i9jxXTcseWJXUpsL%2BF2dDesQqZ%2FfVa5hrWr8lNAfGfv4PdhK82JLHc7eyknn1O7mq2sCwTQbNs3kVBwNJM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
frame.html
ad4m.at/ Frame 314A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
716130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
727127992d53bb8f-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 14:08:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 07 Jul 2022 15:08:52 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6sAq1Y%2FVYLxQHcB5BEhT6g8d%2F2afHFiU9Z9j7JeONqSWLCpaUFq4hegrjwckH5wQF7ynDWqGYJ7k5aXrx8PA4Ed5%2FD0AkNHOtGC6uNeD3vufOo2bh6VbtPKvIILDQam3kV5bYQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
pagead2.googlesyndication.com/bg/ Frame AE09 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 21:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 21:21:30 GMT
truncated
/ Frame D81D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f3c1429261b8347abc88ffd0f9125c1751f9da9f0ceaa047834918825aeaf49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A681 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujv63Xktyc8nbtodLwEzvPYHQOjC7K8vibEcMnupC0VyKpurbCvNbZTirAiWK6IBktx_RPN_a-hOijBOIxDq1btcodB6OED4j_R5BcwDxgFSy1HTXTUPKZYmmsNVvDcL2zeMpB1A&sai=AMfl-YRQLLpRIUELJja-oefQiW6iFP7rMeyJEOOA7HOrQ488GC_0Jn9arpkwU-Zqu0zdC6agnTO85StV-u5k&sig=Cg0ArKJSzOb6t4Fd1rPqEAE&id=lidar2&mcvt=1035&p=0,0,280,990&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=523175106&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657202930729&rpt=928&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220630&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f6c387f2e0f212cdae15437c6fc47e90c9ba62397a270412964c506f6e1489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Jul 2022 14:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10577
x-xss-protection
0
rs
ad4m.at/ Frame 957B 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad19f3a83546b032f0907cc399bfae2a1318d57de6a87b24d8d9674c99c756f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
7271279b7df85c3e-FRA
date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMTbqWowD9I0FMySbhATUa%2BLOwSn7wYW1r2b6CcWQUQzgIZhui0fbxrNa9j%2BjB0APQE2z7yBEl%2B0xDOftCfK3PQSCO1%2F5X0Zw9mX51n0TI0xTz29UmBcXQRiJjCoOPWWHtoo1B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame D343 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c60e30e1bb59f5468f91bb81283f664020980bc668f694c3b5c3bfd99bc8141

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
7271279b6dec5c3e-FRA
date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvDE1%2FoDw%2BBikLLWSZJb2odXmUeqlJvrMYX1hvbDmkH5bKWumZpRNVx7PQtFfmZ8A3iQ8pTtRMk%2FGpyRx%2BgDiXeFfDbOECRl%2BEYD41Lq4oECUrzP7kiFkeb0WBWy%2FFEZwh%2FF30Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7271279b1d665c3e-FRA
content-length
24
content-type
text/plain
date
Thu, 07 Jul 2022 14:08:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sn2s8EnOc1RR2XoJwkC5UeOi1aPFp6boJ90C6qvX0PUfA5wP3zkSLcpAWMQrOxs8jF%2BsU%2BSetgNUkzIW4EaJxfZjE3qOfTfAGA7h18LzH5Djz%2BwKQ7D7tRb3odZBKOWrPP40YZs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7271279b1d625c3e-FRA
content-length
24
content-type
text/plain
date
Thu, 07 Jul 2022 14:08:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD7m0fySuQq399JJDkjRy%2BAMjIaj4QpUZWuvq2zQLNOOamRG%2B284VNiHarKRLERWJIUyATWA9K5EfQi%2Bqhqz3t%2FRoZUHrUGEJryAGzMR100fzIXia2sP%2BpvTV%2FWSxSiWtiwbs40%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-w6qz
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Jul 2022 14:08:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 733E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 13:59:07 GMT
expires
Fri, 07 Jul 2023 13:59:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A00 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0d34edc0a34dfcbf36686a18ae345f25642189338315380bdfd49569a6b24f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AZKGDLSMBf7gnNLispQPKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.proxysite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-AZKGDLSMBf7gnNLispQPKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:53 GMT
expires
Thu, 07 Jul 2022 14:08:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
pagead2.googlesyndication.com/bg/ Frame 733E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 21:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13869
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 21:21:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220630&jk=2742935723686316&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
rar
as.ad4m.at/ad/ Frame 0D86 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211d792f417e8adfe54e1b9ad405b7b9484266f776390223a45df73146df8747
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kxa44te2zqjjjt27aap267q37cpm03paw055jkjm2y4dqmf4b9fbrchf0pf903qbecnr9xrbfwkxq56zr0y837w7z4xe9sqwepzjznb7hetqg6sf2bq6yz3sz15nx15p6j58y6bmaqj678snrajmhbvksnwvz71r994sfr0sr0yfzpkwjsamdee9vmb1jbw8yta6dnx51n23vndtd35kfadkr11tfv7hwjrvrwet9tx0prkyadrtde71gvgc8dr1kk9wfsqqr95dp2gty6srbv5yfwft37mks5qcz8hkzwfmqkeagt8wvpdqertbxtp94pqmvp1e3pkc6x6brff3ncw41094jtd684q26j92p4mm4v1h1exqhz1h2qzj349fh92ppcfhvzrfgjt3y601ma59g67w4yy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%26client%3Dca-pub-5271052033776811%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7271279bba3bbb8f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 955C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5914eb350e27109664f47f13cb68cfa1c5d23524f9e3f549ad33b45b03d5ab4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h8gw5kh41dg7nbzck0a3bk46f38y9jwg0nh054s4f2nxree0ea3qwdw08n8eqbqx98nxe0jyp3z0g491nsewdzfcnew9f4nj9eqzkbjyx87qgrwrqb7dtm862acvtgewrayskhr31tdff3m81rj506vbd751c1cz301vddvdr7ne7f85xb4h6pk1e841hmvgpgmn7tt9hrhqb0kjmq11hgx3r7wfhk8d64ssfvt3by5qbkw8z125cv3kg0jbckmbw4yv662ydpp9ry5shbngjmdb2wxt4t00ngmv31a3zdf6cpsd5c73ghwg65jkjmbzfc7hwtf92px1m2k59rmk28dvddhmy0wwyk45hrnf5t68z4m5dbdmg57637509btswjaec69enrje4ja7z6hdkc8zvbn7f5f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%26client%3Dca-pub-5271052033776811%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7271279bca44bb8f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 14:08:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame D81D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDFb3HuI2a4unOD72TxIeaj_VYNZjVENxtQaGIuJNfsdrRZ5ByII1JzrrdJ4gS1V4eSEWTHJWHhBPXCzAYtt2XoXrZzuRZdZzTolCkrNqpdndCuoxN2r_8fVEAKCjHYuBFrgJA0A&sai=AMfl-YT48uX2IdugPMO-4FitgliOxiID35pBtzi1mspyeE3CeRgDvfWn2mGXvKt9CPVV-q_O8wOpWTRThpbc&sig=Cg0ArKJSzCiSHJ8LMbGNEAE&id=lidar2&mcvt=1003&p=0,1,124.25,1006&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=0.86&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657202931304&rpt=662&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 0D86 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1134670
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7271279c3b3fbb8f-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 0D86 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58619
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycduvVihrOm_mKTwHWNlKWJSh5BO7eTZ6it0kSxgImF4AXY8fVabIRF8W2L7t3IGG1xMjH1DVgXnx3XQEnNYfwhjmbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DqYdrSYCEjWlnAAMlZVjvfhp7BKY2iDOllMSeLioJzx7SseUhONYuF57P8BVSLIsWBwSm0CYFp9ryMpuJ1coENPK3bdZK3RYq56fNDNmXYNEH0%2FfZKb70pMh%2BJf4n4Zlxq3as097SqRRydr"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
7271279c4a9a9295-FRA
cf-bgj
imgq:85,h2pri
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 0D86 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55174
cf-polished
origFmt=png, origSize=155400
x-guploader-uploadid
ADPycdsDJqToDF6JPz770RFhGEAy-FR6dfI13R1PK2WI43EAXyX4i7pRRSTywRiQ4N7x6ZCxrq4VfD3j10z0Ver-Ms5Etw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95550
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmDbIX2TB3CCQWRW1wTBfm3uDFx4AcLhBaC9CX33Bjzf%2BcWbzLJVgbqN9y2HQi9BBlXBBANFHAiXruBx2T1FT9BpVxvNbDYFu5eFkaidtZx2DkW86TG9SxL9vaCYPCauAdbT09rlGGAODcEW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1648136736276206
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
155400
accept-ranges
bytes
cf-ray
7271279c4aa49295-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 0D86
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKmln4H65vgCFZOMdwod3k0Orw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55287cc0-fdfe-11ec-aa12-2231088bd649
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55287cc0-fdfe-11ec-aa12-2231088bd649
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Thu, 07 Jul 2022 14:08:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55287cc0-fdfe-11ec-aa12-2231088bd649
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0D86 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58629
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdupybirQ2gQIU71AHr5zHPWpZuZSxTGFVYBD_qmXZpoQhai0vD9Ek9gKwjkLQFIlpfN-DaALNZec7omzOGFxbKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlhVFRpFvDtlh9lqIHTbA2sTsB8t53UpwHz5fzC6%2Bc7oEQ8HPo9KA3RXlc2goqMnvDkLZ8mk0CqxURmlUtniN3QIRUYWLEl4Rd7k3r0ighy8EP2V4C9T6CWhzLAejuE7%2FrvAZIMcN2gJHX7S"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
7271279c4aa39295-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0D86 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
707423
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdtZLUxD1St7sXk-EYespXLKb1_2k2_uAb02nvpX2rsuktJyd27hfzyYqfRDDXoeb15PzHJj0pqtmerHh9g5c2a9TSnMgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaWS4cRv%2B%2FGrjIvgQdM4onILnsp6Sz13DY4i9aDktua%2FnNenet0mEUCMmJ7Ufy73we8YMBvmI%2B%2BMAsprPTBAlvFqFebeC1bk0AtUC%2BFcXD24srDIkXUcYQ%2BCZcYmkTkFy34nILHibQf8AaLO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
7271279c4aa09295-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 0D86 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59308
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdv4CII7AUavOeYU2jUZNTAln1cPncVqyUqGZ9tSEgMm682NLjYD0DG3yEp0NYUjLWJ_eJ07TfSx3m4Fc541bL5DEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rbqke9OCO8OamGS5nG%2FR2VmtM2w3bHGFm4rpzvQiJe%2BrqHeLgSxFa%2Bc9zG%2F4i9DeDVux9FYEXRnQ7ccawQ7zf74T7aYgBdsz0ti28qdg4BHSk%2Bbd1X5rhD0tqCluED3HNjcTWuErOaByqdef"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
7271279c4a9e9295-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 0D86 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58006
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycdtDjIDpF4VSo__iPkX0v6-tWCX5fQsedRkdU6-ev-_-6VkZNkuvU06Y2YwlsjthIe91f--4rRh-o98ace3GMcKU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxtV480bPtQCs%2FusARQ60TY8GjpMkvnaiCZGyb4emAL886OJFvZ6SCoVwlqtLaLN4fu62jxqaC1ZYoIo6pqdVtRhbbBzlIvSo9jjRCw0mi2wSj048PA0jNesCRM3UzC7ydaIe8MEP%2FuJzTj5"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301671870263
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
7271279c4a9c9295-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 0D86
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=55134710-fdfe-11ec-b9b9-223765e4ceee&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_55134710-fdfe-11ec-b9b9-223765e4ceee&insert=AW&&gdpr=0&gdpr_consent=
0
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_55134710-fdfe-11ec-b9b9-223765e4ceee&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
726108070
cf-ray
7271279e082f9170-FRA
expires
-1

Redirect headers

Date
Thu, 07 Jul 2022 14:08:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_55134710-fdfe-11ec-b9b9-223765e4ceee&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 955C 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1134670
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7271279c3b4fbb8f-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 955C 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58619
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycduvVihrOm_mKTwHWNlKWJSh5BO7eTZ6it0kSxgImF4AXY8fVabIRF8W2L7t3IGG1xMjH1DVgXnx3XQEnNYfwhjmbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngpzCyZX3q3m9vnnQnKzoPXMDzjaEfj3PJW0oJPGRfkUVYUfT%2BD6o58XzmYjXVLVslq8Ge%2FB%2BbKsiYsOneI2DIKKKYZT33%2BEeZ%2FiE7FGlPJQpLN6Vu3xJQKMs3%2FT0dDAlHwGebIaarNkYLSI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
7271279c4aa59295-FRA
cf-bgj
imgq:85,h2pri
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 955C 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=h0Ee3A==, md5=fa2j8/YyGn7kutxTsR2h8w==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58551
cf-polished
origFmt=png, origSize=451997
x-guploader-uploadid
ADPycdv-pYTLb2EakRQQCjHqkJnaOLVGAGWrw0rUQlG2a9iisPpVYF5MFhtA_vDDBjIAzRwzAPvTSr9noGJBiMFzuxKhXA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cLJ1Qj5OKvqLfpnplsI14MQ69QlHewrLjeagN1DiWyYH7ShJHEz2Z7kqptX%2FrzRHzfWCh3RKafnplenrgYDvgVt4Q7Ue7JAqM7kEn2O0%2FBitzg4PhbYxE0LT0UADcDil6dZwbxlpiVzEl9m"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655194888130368
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
451997
accept-ranges
bytes
cf-ray
7271279c5aaa9295-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 955C
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55132000-fdfe-11ec-a709-2234153bf6e9
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55132000-fdfe-11ec-a709-2234153bf6e9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 07 Jul 2022 14:08:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1657202933_55132000-fdfe-11ec-a709-2234153bf6e9
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 955C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58629
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdupybirQ2gQIU71AHr5zHPWpZuZSxTGFVYBD_qmXZpoQhai0vD9Ek9gKwjkLQFIlpfN-DaALNZec7omzOGFxbKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm30yah8ptHMa%2FZcK8vUbAvPXH7R%2B8fzmQOgaYdM0sd0cim9Vc%2BGN5TzacZOSzlJ2uBgMH13crxjjT8iFT5MZIyPPfaL%2BeEnaBdMWBYPRgp%2Fk8uU0pTC%2F5M%2FfsIdae2AIS6yVSfkJz3%2FMwm1"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
7271279c5aac9295-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 955C 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
707423
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdtZLUxD1St7sXk-EYespXLKb1_2k2_uAb02nvpX2rsuktJyd27hfzyYqfRDDXoeb15PzHJj0pqtmerHh9g5c2a9TSnMgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vsp21bs1VOG2qLtOX7Os9ucJiq%2FsUjhlYb0oXkq7tvMPaDRcGEXsGa4vzm4R2jMy1xDzwjIw%2BPHCa2%2BAEE3fkeWUlUiskHns8lHYHA662eQWOvfwqgNvgzVxY3LX60%2FuWKAfrfI%2F6%2BX9TxmA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
7271279c5aad9295-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 955C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59308
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdv4CII7AUavOeYU2jUZNTAln1cPncVqyUqGZ9tSEgMm682NLjYD0DG3yEp0NYUjLWJ_eJ07TfSx3m4Fc541bL5DEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KLsc4wRoW3fJBg%2FfqRAgmHDE4rq34%2Bx4%2BZ6ywwgfizqaPHBUIfJz8eMYQGMifas5segmcvpHq425QTnlvZkyfBHiZkyteqinf0YJsV%2FHYNbIAfX9EYLpbJnDTacbRp8VdqKpyBn%2BDW%2FHzd0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
7271279c6add9295-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 955C 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Thu, 07 Jul 2022 14:08:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58006
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycdtDjIDpF4VSo__iPkX0v6-tWCX5fQsedRkdU6-ev-_-6VkZNkuvU06Y2YwlsjthIe91f--4rRh-o98ace3GMcKU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxVPkIRQXlAOxHh%2FHAm3BLxWUkbMfddFGPRBUGWq1h%2FIHXtCbjlJt0coTkrQxII3UQFpqIU28eI9D0K0428N4VQPBdfb03AdbULuh032IElKrtRskQJm1NNHcYMS4dJ6iIsmWLNmZDU5Tfft"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301671870263
content-type
image/webp
expires
Fri, 08 Jul 2022 14:08:53 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
7271279c6adf9295-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 955C
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=5512f8f3-fdfe-11ec-a709-2234153bf6e9&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_5512f8f3-fdfe-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_5512f8f3-fdfe-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:53 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
725540974
cf-ray
7271279e08319170-FRA
expires
-1

Redirect headers

Date
Thu, 07 Jul 2022 14:08:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1657202933_5512f8f3-fdfe-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 775A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQowHZdJ0lv4CuBfqknENrmejTDEh3PfoU8PR1VzQB7WGVVsQCH9f7FCX7hY5ggZc1DlRPG_Miztuuc_wiq0C242pq95OZy-mGnT0zWxXndYh8cALkmMHBIWCmjoHqNmQeVTvgCQ&sai=AMfl-YSc_rmR7Z97XWaKqDimEjBD4p4wd7KYNHmsJKUhi5XAfC-CbDq74fHM4G2OQ2LKp_ttQCfWt4lDH2Jz&sig=Cg0ArKJSzDqavfav3cMxEAE&id=lidar2&mcvt=1008&p=0,0,280,990&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3927345067&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657202930711&rpt=1398&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 14:08:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 0D86 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqxg48sstp9x0pgd8z956yypyg5bqj07m16jf3kt65c1qyz3bj65vmcsgzhr4c4fv0994hw89xfb15r9yb04nvp90knf6ygq61sya6tw74m7r6vdx59v7a9r70eq3z2neazztrgdc69qy1rh9mfev2fgfdrc8ew80fecrj8a7ny1q64104a21wzcrah3p7j5aa6nrarmhdmkxff5k9d4deg49z3vxqxft0nf75k2jh3vpmqpebyz0qjtfzyfag4nc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f626e46cb43bd907d59265e11c04d786%2F9771519695243592744&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933045&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
63983d08f70565094a0d4f46f71720355025162fbb0f4ed94a241c27f414c4dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Last-Modified
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1356
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 733E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?V3aqvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:08:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
link.html
track.webgains.com/ Frame 955C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h0jeejg2awymbdrx1sm2rq8pqhhqdnvcdf30k1rfqv72fap5eay6sb3rjz9a95scr2ke5eq1f9p6g26bmy5k388cq9a0n7akkadbcsn3wbt8427tj50vn4nff20da13skj1xawyfewvvgjj4yfnm88qy9s87qyp8kbvtzvc4p9akth47nsyvvs6emyz6cm8nt3pa7pvg1pkv5x07bt5wpyehe5deghr7fvtysn5e09c43nc9d9nkp8h5nmcpvb0t8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
d81dcbb8f93083b355e749f507d2a4c2373bc02db469a441f49b8c6e48f47682

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Last-Modified
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1356
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 955C 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h0jeejg2awymbdrx1sm2rq8pqhhqdnvcdf30k1rfqv72fap5eay6sb3rjz9a95scr2ke5eq1f9p6g26bmy5k388cq9a0n7akkadbcsn3wbt8427tj50vn4nff20da13skj1xawyfewvvgjj4yfnm88qy9s87qyp8kbvtzvc4p9akth47nsyvvs6emyz6cm8nt3pa7pvg1pkv5x07bt5wpyehe5deghr7fvtysn5e09c43nc9d9nkp8h5nmcpvb0t8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-23.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
75193
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 07 Jul 2022 04:10:46 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
6Zof6i0SVsdluSjBBfTqVeRMI4dfj28PXav52a5sRoVyg_bza-Upeg==
link.html
track.webgains.com/ Frame 955C 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidwYVUdfjfEQMhEHRH2tXt41MTzSAT7zU5oneid__UIM_DE_RON_2_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=bd08a8388d91bda10b6ba7cf906716fd%2F5167363993019357314&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1657202933048&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ha5yy7jb0kmzbacnqqr37pbtbe4jbfs7a26q6hzm0gr8eg1bmjv6zwk1c4wpsr18aypzdmjm01awjda21ca6dpxpfzy39gyjbnpmrb75mr251ppb4e6fns9pftdzcrbxxgf2h5smmak1se9w28yw5tarjz0ycgzp320r4tsx5w372tc2sqrvpy3qaqeqzp922mww2apye7ts1kwsaey2br68b41n3ns21brb51v71jr06w1kxv0kg244p2c7f6hb4fn0qr7zxnb2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwpCK8-jGYqaSEpCoywXIpo-AApDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0FxB1nSz9vA5uG0VPK4xrz044uyFPWkROuXa9zA9BFd-bPjtvBLHazjpR0SXZrJCIbENKGxc0X0jMJVc-Y2eDOb6mNdukCEZc5r-3fYEhXF_cifUmpHQgrNxAqssc0Oxu7cK5-wLOA3nQ8AzjkmOESMuxqMt4f1PCYfko2DGEn4spabCM6G3bdiVFjmJOSU3wANM9BCwy863u8ikfoZylMZrS7dcaJkFgyH6F7TzxxM-vNhctaGScM9J9n7w39AhQ6sp2oAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0RwPuJjXEcdqMcdAU7L9UCXceZqA%2526client%253Dca-pub-5271052033776811%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Last-Modified
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 0D86 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqxg48sstp9x0pgd8z956yypyg5bqj07m16jf3kt65c1qyz3bj65vmcsgzhr4c4fv0994hw89xfb15r9yb04nvp90knf6ygq61sya6tw74m7r6vdx59v7a9r70eq3z2neazztrgdc69qy1rh9mfev2fgfdrc8ew80fecrj8a7ny1q64104a21wzcrah3p7j5aa6nrarmhdmkxff5k9d4deg49z3vxqxft0nf75k2jh3vpmqpebyz0qjtfzyfag4nc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-23.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
75193
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 07 Jul 2022 04:10:46 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
Af9gqY7Q_d03kvIQTAdpYBfBrryosJGYDZuSA69Yp625hGei1lZkFA==
link.html
track.webgains.com/ Frame 0D86 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidwYVUdfjfEQMhEHRH2tXt41MTzSAT7zU5oneid__UIM_DE_RON_2_300x250&wglinkid=713569
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqxg48sstp9x0pgd8z956yypyg5bqj07m16jf3kt65c1qyz3bj65vmcsgzhr4c4fv0994hw89xfb15r9yb04nvp90knf6ygq61sya6tw74m7r6vdx59v7a9r70eq3z2neazztrgdc69qy1rh9mfev2fgfdrc8ew80fecrj8a7ny1q64104a21wzcrah3p7j5aa6nrarmhdmkxff5k9d4deg49z3vxqxft0nf75k2jh3vpmqpebyz0qjtfzyfag4nc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg9hbd0sdvcb36c625c4n2g2ze6bfgvke8gs31nmf814hj8m72d274g0mmdc68hq7rpyq9e80b18z6t1cprmm7d0pm29w93p4txe3vw9cgcvb2pjsda1g2v39sy76nr6at5v47fahg3dr90yvbxjgx0sjn5zpcdpjq7vt0jah0x1r7kzmd7ct90n7whj2hv7h0pdfj8km1pwt2kpagjfw9t92kxveya4tg76a2b8sck0adp3kmetf942fnnajc7tpy854122akv2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeCYu8-jGYozoEcmPygWVn4qIDJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQJBTnNnCRmxPqgDAaoExQFP0L-pcu_gdng6lXsWiUHGl_dYp4es2TZqM7qAv9TSKwjOk1PNwjRDooaeiUIPxlo9vtgLkpRaJob7-mPHWf2HlvTHXVMCR4HrcP4iLQMpaYQDUZABcKwwZIEgM-Cj2DkQPz4bE_mDsC95Z5G4C3n3iqPWV9WR0dbnJ8ijyY3xq66f63ER4U5WQkD7gK4cWEq9bK2oDceb0rZEa2bRNaNdc4gOdWmepf7VccOnd62ncXTelDqrY91KtKNjOP-XyiF1gtVziYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1v2yOr2GzXEWcACl4DuR3ApOMm-A%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Jul 2022 14:08:53 GMT
Last-Modified
Thu, 07 Jul 2022 14:08:53 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220630&jk=2742935723686316&bg=!qaqlqu7NAAaLlKKnq5Q7ACkAdvg8WjpPOAedTp3Br6fqunF3Am6LbEFQuIVPAidy7gG4znznyr7qHgIAAAC1UgAAAAJoAQeZApzL7pM8OJut3_DdDUXdA_1b_cZTvZTmCvGTzVv_9Qjbc_7CpC_OkJ-fQKoZHKhZvnH4tY4EPl2M9nG76koE3gPRPv5JDXW43u4k0ArgB5JT7zL5tTE-p_VAaZqbj7ttl2uBQpKTwn-jUhThjWjSYUODkU479H5nxHpLpIi6ReE34HfhUOp_SC3plQuCF4fxgHAuA3F2Mdufv8aY8-2j2MKU9VNYlk_1djNkrCBK2WISUZoFhxt-8ZNnxEBV7g__kHwY1SAWrfK9Un5kUQbdX9eQ9NWHdQq_AOrxVilhEhEgBzNfcaS1nNORYyzDR68xXa7kffC_XN1xdzf2Lb4-HESInc_LhKrxbaOtabnQqfa-WK6NRAvuySf83DP5p8YBaCTXcb64LRttZfoYs8n3b0wJa0THqFbBMu_Vvp50Yk2fmSF1HBojWAy0okDjlbqL3p9SynUj7v2J-SDRkx-a6ztcIryr-b2r8RdlHAjKroB1uPqTtjqm-C7kFE_5fCEPN-ovUoUQqdBqONtdx9SRBm4vDkMQSY3BZH36zloxQQ9I0vzXjzUvNuL2LdMTMEeqQdGCYJj7VDrdwy5jCt7cgFy83UsEK7pZwJpoHD04jnOV74gCjcSXTouVw-BnEZpdRbx77IgzcJzyi0IwyTLEbjBpxGRvz9BDHw682j-gprOOh0jVg3Tc9MqlOtHyAck1M6mTLvZi9OG8q9LMD0QKMQEurd6HDH2C2vQM_jdjue1fA-f0UGNi2zJfB-WoHyPwZc_LwmqTEXCEoJg7E3PmPL1it3-RSw1fX2dR8aafuhqIMpLYoWHHt-2sTwem9D282V7PIlth2tBv-_aRhJ8d8oe5bJ1cye4PafnJhxkG6Mp1RaF4OdQBodZtJzigVw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 955C 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Jul 2022 14:08:55 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 07 Jul 2022 14:08:55 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 0D86 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Jul 2022 14:08:55 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 07 Jul 2022 14:08:55 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| screenWidth number| google_ad_slot object| __twttrll object| twttr object| __twttr object| FB function| $ function| jQuery function| setFormAction function| isProd function| closeLanguageBar function| setLanguage function| setupNavDrop function| initMobileNav function| initCustomForms function| initSameHeight object| jcf string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| jQuery112409174984083471853 object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

38 Cookies

Domain/Path Name / Value
proxysite.com/ Name: AWSALB
Value: Re2V/DGcfuZdhD/8qG4t3laJkNa2FUfwEWTO0XA3Wv0xB/xWtY1G7SGNl6byobVEmdT/RqjNSD+LPDmpkyavNuuCjx9Osojp+3wQyb/fLDIqYyXtnAhVpDDqvbin
www.proxysite.com/ Name: PHPSESSID
Value: g14gkb03je42p9veijvpu3ive5
www.proxysite.com/ Name: hl
Value: en
www.proxysite.com/ Name: AWSALB
Value: IZ1Y8UnZRsgTeCBlH9FbhTqIAQEf1Cq1WQ7mL8EvvS7J3/T66C6wI52F3wGP2McwVbPGqPMWCp5AoE8wVN+OKjAw7GzHAVKT1iJ9ssskpxM92Kx0XyPXVtmTKuz+
www.proxysite.com/ Name: AWSALBCORS
Value: IZ1Y8UnZRsgTeCBlH9FbhTqIAQEf1Cq1WQ7mL8EvvS7J3/T66C6wI52F3wGP2McwVbPGqPMWCp5AoE8wVN+OKjAw7GzHAVKT1iJ9ssskpxM92Kx0XyPXVtmTKuz+
.proxysite.com/ Name: _ga
Value: GA1.2.1563271077.1657202931
.proxysite.com/ Name: _gid
Value: GA1.2.1878065122.1657202931
.proxysite.com/ Name: _gat
Value: 1
.proxysite.com/ Name: __gads
Value: ID=bcba868bae8564c2-22c8ce127ad30037:T=1657202930:RT=1657202930:S=ALNI_MZwcpuAnjuAVwxZ_z4s8uVIh2eFPg
.doubleclick.net/ Name: IDE
Value: AHWqTUmaIMQ-ebK_V8oW3gSJO7miY0Fsz9KPk6qCLMlNZKOHti4uwD8sB2b1FKhciiI
.quantserve.com/ Name: d
Value: EHkBCQHHJoEA
.quantserve.com/ Name: mc
Value: 62c6e8f3-ecb49-d452c-3f715
.casalemedia.com/ Name: CMID
Value: Ysbo8xycrhrfaewijExzXgAA
.casalemedia.com/ Name: CMPS
Value: 1195
.casalemedia.com/ Name: CMPRO
Value: 1195
.agkn.com/ Name: ab
Value: 0001%3AhsKSOIPg7T3sAcJaShUyH%2BtcrX6D%2Fr9p
.agkn.com/ Name: u
Value: C|0CEAqWaVzKlmlcwAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/ Name: CMTS
Value: 2189
.innovid.com/ Name: uuid
Value: bf3e8553-527a-42b8-9c23-3f6802e5a058-20220707 10:08:52
.doubleclick.net/ Name: DSID
Value: NO_DATA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.awin1.com/ Name: awpv11354
Value: 412871|1657202933|55134710-fdfe-11ec-b9b9-223765e4ceee
.addthis.com/ Name: na_id
Value: 2022070714085300039595958199
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62c6e8f57a50a68a
.addthis.com/ Name: ouid
Value: 62c6e8f500012b3407b51b6859df52911f5f1963e6d6c9bb0745
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220707
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.zenaps.com/ Name: awpv11354
Value: 412871|1657202933|5512f8f3-fdfe-11ec-a709-2234153bf6e9
.awin1.com/ Name: awpv11938
Value: 412871|1657202933|55287cc0-fdfe-11ec-aa12-2231088bd649
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1657202933_55287cc0-fdfe-11ec-aa12-2231088bd649%22%2C%22sp%22%3A%22awin%22%7D
www.conrad.de/ Name: HTLP_timestamp
Value: 1657202933
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: adHGKiKHNUTMyDc6KPCiq_ojXkNla8QSZS_H2z5Cmwc-1657202933-0-AT60l/uZwGEbF7Vpyg0xfKX9fKmd0CJpRz2bP7EHkNV//DxvIIymRGvjfkRXTMJj898wKvkh4Fq3qxegzZDe/no=

1 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14991793492078853417/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
prod-rtb.ad4mat.net
proxysite.com
rtb.openx.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.proxysite.com
www.zenaps.com
104.111.239.217
104.18.18.126
104.244.42.200
104.90.192.27
13.225.78.23
142.250.186.98
148.251.139.77
172.217.16.198
185.64.190.78
2600:1901:0:76b9::
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:7f05
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc
3.122.145.17
3.208.153.128
34.251.55.128
34.98.67.61
35.186.253.211
44.205.241.182
46.236.35.87
54.76.212.160
69.173.144.165
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28
076f7f50cb3fda0239e1f3f0d56e36607f4f869bb77f2e0e36b16512a19feeee
0a5ef09b251158639e50d9c0407ac9769b06fd4ae042cc8f4fb6d89b3792b410
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d03e8582123f0fd996145ca75566a3f83c73a527929261d359fc22acf7c8abc
0f6c4c1e5cfc802183bfa6a9205918264a13610ad7c46d0788f621208a77dbdc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e2d54b29edf4ad85b9d2604f7e7e245f7779e5e5763f7dfb86da7cb02dfa597
211d792f417e8adfe54e1b9ad405b7b9484266f776390223a45df73146df8747
24fcdb43e6e673475dfc369de95726b7fb6a001c6ce89253e2bd584978dbe8d6
251bae2dda07c3fb4876e8664487449f55cdb49dc196fb27923b9b5bbfa92006
2592a03b65ea03708474b9ea74d6ad3738c124df64d49b6113584fde7f409417
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18
2f7e8e4853d3475b0d1648b7a8e5bcb33fcbb512996490d6440be5d6bb7cfab9
31da1ef6d67a2179c50ce61552e08325b58446e7e190ce4601fb28243bd4b1ca
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f
3617397524f589185dee7c6acd111e89bc8f9cd0fb56b07e0f5eef851b44444e
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4689cff9e3ea83694dae88d3808ea6c071573aee744628a0c40394ad1f01613f
476a07e1375c2e66ddcb5f5cf7734dc4cfaf1227b6948fff6c8140169bf07675
485739e64dd8d65f9c5ae07ec349d5a45d1ff1b23450e245c1fde9b5a8867737
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63983d08f70565094a0d4f46f71720355025162fbb0f4ed94a241c27f414c4dc
64f6c387f2e0f212cdae15437c6fc47e90c9ba62397a270412964c506f6e1489
65cff811cf09928d7c655e645ec2d4b0ec419c3efe8f3e67b2274cbdb1cff3ab
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e5c5a7c99039620f227bcbec1debee6828015f5c65ada20ce6853aee22df16
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
6c1ee6bade5daa697962b3d9c12b62f197003d7093caddc7f5ca8d0ec64a1e26
6f3c1429261b8347abc88ffd0f9125c1751f9da9f0ceaa047834918825aeaf49
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f
7ad19f3a83546b032f0907cc399bfae2a1318d57de6a87b24d8d9674c99c756f
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1
80fc816d329adc725822f71706a74b14d9823a93ad9ec34813ff1877e3720e79
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
926fd2d1b351b9d31a60a6574b4a1511d14ae879ae8bdc54dd5fedacc9570c20
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43
97c247b6f637585f48c997f4dffc18b51c53d3765361f4ce8396140e49bd03b8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c60e30e1bb59f5468f91bb81283f664020980bc668f694c3b5c3bfd99bc8141
9d383f6c4fd9e49453e370aa4eb03df2ff81d4524d4a6045be1220476046dfa7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a650b721fc7bf646922ffccb4845b24c8c3711cc779f028ffddb570b37cb0412
a6af7487fdbfe887dafc3eb9edda214d319e05d4608012986895f07d0a42de38
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1ea5aadac55d00ba5d873f8eed0b989415749da7a8a37ae00c4a2ac09827f63
b30b67c6585347a5baa691d7675574154fde7bacd8f3686969ad5f3211f7d743
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0d34edc0a34dfcbf36686a18ae345f25642189338315380bdfd49569a6b24f9
c5914eb350e27109664f47f13cb68cfa1c5d23524f9e3f549ad33b45b03d5ab4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3081adf195cf5ef4d21b77a728ed0b56e4ba08b81af7a10a5fc14dd7ce662ac
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81dcbb8f93083b355e749f507d2a4c2373bc02db469a441f49b8c6e48f47682
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
df86c81c2043c31b8ed451b457a5a1812ee0988efaa9d5bc580cb0cdc8124996
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e4b65732f3f356186b2ab40482f562bd55177f2ca54db8cf9b3701549fd6ab80
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060
eee9168df7a4a7233767630663c79810369a4153a859ad69619dc485688857fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69a09e0f72bdecd70c4c29c1bb2ad51a9ef758219a896aac06b1df2a92369f8
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa0fb5070a18a9e17126cf2187b0cfe9557e613d4433d193c97fe73eeab3e68f
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c